• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 362
  • Last Modified:

exchanger server has a endpoint protection notification

freaking me out here
the message from endpoint says.
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: W32.Netsky.P@mm
File: \Device\HarddiskVolumeShadowCopy256\Program Files\Microsoft\Exchange Server\V14\Mailbox\Mailbox Database 0464384659\E0000001A84.log
Location: \Device\HarddiskVolumeShadowCopy256\Program Files\Microsoft\Exchange Server\V14\Mailbox\Mailbox Database 0464384659
Computer: THMVFS12
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: Thursday, September 29, 2011  11:04:54 PM

give some advice please
i have always been really careful with anti virus and my exchange server.....

0
jamesmetcalf74
Asked:
jamesmetcalf74
  • 4
  • 2
4 Solutions
 
scriven_jCommented:
This means that there is a Shadow copy which was taken at a time when there was a virus in your Exchange database (i.e. in an Email).  As long as it is not in the live database I don't think you have too much to worry about.  Run a full scan against Exchange if you are worried.
0
 
jamesmetcalf74Author Commented:
how to you run a full scan of exchange...
i remember you have to be careful about exchange and running av on it.
0
 
scriven_jCommented:
Your normal anti-virus software will not be able to scan Exchange, you need AV software designed to scan Exchange (which will use API's to get access without locking the files).

Do you have Exchange specific Email?  Your normal AV supplier might do an Exchange component if not....
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
scriven_jCommented:
Sorry - that should have said "Do you have Exchange specific Anti-Virus"
0
 
jamesmetcalf74Author Commented:
the symantec stated it to me...
endpoint automatically recognizes exchange environments and does not scan that databases.
but i was wondering if that exception was for the scheduled scans and manual scans or something similar.
0
 
scriven_jCommented:

OK - looks like Endpoint doesn't support Exchange scanning.  Ideally you want some sort of scanning on your mailflow, either an internal solution such as Messagelabs or an system running on the Exchange box such as GFI Mail Security.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now