Solved

exchanger server has a endpoint protection notification

Posted on 2011-09-30
6
310 Views
Last Modified: 2013-11-22
freaking me out here
the message from endpoint says.
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: W32.Netsky.P@mm
File: \Device\HarddiskVolumeShadowCopy256\Program Files\Microsoft\Exchange Server\V14\Mailbox\Mailbox Database 0464384659\E0000001A84.log
Location: \Device\HarddiskVolumeShadowCopy256\Program Files\Microsoft\Exchange Server\V14\Mailbox\Mailbox Database 0464384659
Computer: THMVFS12
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: Thursday, September 29, 2011  11:04:54 PM

give some advice please
i have always been really careful with anti virus and my exchange server.....

0
Comment
Question by:jamesmetcalf74
  • 4
  • 2
6 Comments
 
LVL 10

Accepted Solution

by:
scriven_j earned 500 total points
ID: 36902625
This means that there is a Shadow copy which was taken at a time when there was a virus in your Exchange database (i.e. in an Email).  As long as it is not in the live database I don't think you have too much to worry about.  Run a full scan against Exchange if you are worried.
0
 

Author Comment

by:jamesmetcalf74
ID: 36951667
how to you run a full scan of exchange...
i remember you have to be careful about exchange and running av on it.
0
 
LVL 10

Assisted Solution

by:scriven_j
scriven_j earned 500 total points
ID: 36955012
Your normal anti-virus software will not be able to scan Exchange, you need AV software designed to scan Exchange (which will use API's to get access without locking the files).

Do you have Exchange specific Email?  Your normal AV supplier might do an Exchange component if not....
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 10

Assisted Solution

by:scriven_j
scriven_j earned 500 total points
ID: 36955013
Sorry - that should have said "Do you have Exchange specific Anti-Virus"
0
 

Author Comment

by:jamesmetcalf74
ID: 36957945
the symantec stated it to me...
endpoint automatically recognizes exchange environments and does not scan that databases.
but i was wondering if that exception was for the scheduled scans and manual scans or something similar.
0
 
LVL 10

Assisted Solution

by:scriven_j
scriven_j earned 500 total points
ID: 36961088

OK - looks like Endpoint doesn't support Exchange scanning.  Ideally you want some sort of scanning on your mailflow, either an internal solution such as Messagelabs or an system running on the Exchange box such as GFI Mail Security.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now