Solved

exchanger server has a endpoint protection notification

Posted on 2011-09-30
6
319 Views
Last Modified: 2013-11-22
freaking me out here
the message from endpoint says.
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: W32.Netsky.P@mm
File: \Device\HarddiskVolumeShadowCopy256\Program Files\Microsoft\Exchange Server\V14\Mailbox\Mailbox Database 0464384659\E0000001A84.log
Location: \Device\HarddiskVolumeShadowCopy256\Program Files\Microsoft\Exchange Server\V14\Mailbox\Mailbox Database 0464384659
Computer: THMVFS12
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: Thursday, September 29, 2011  11:04:54 PM

give some advice please
i have always been really careful with anti virus and my exchange server.....

0
Comment
Question by:jamesmetcalf74
  • 4
  • 2
6 Comments
 
LVL 10

Accepted Solution

by:
scriven_j earned 500 total points
ID: 36902625
This means that there is a Shadow copy which was taken at a time when there was a virus in your Exchange database (i.e. in an Email).  As long as it is not in the live database I don't think you have too much to worry about.  Run a full scan against Exchange if you are worried.
0
 

Author Comment

by:jamesmetcalf74
ID: 36951667
how to you run a full scan of exchange...
i remember you have to be careful about exchange and running av on it.
0
 
LVL 10

Assisted Solution

by:scriven_j
scriven_j earned 500 total points
ID: 36955012
Your normal anti-virus software will not be able to scan Exchange, you need AV software designed to scan Exchange (which will use API's to get access without locking the files).

Do you have Exchange specific Email?  Your normal AV supplier might do an Exchange component if not....
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 10

Assisted Solution

by:scriven_j
scriven_j earned 500 total points
ID: 36955013
Sorry - that should have said "Do you have Exchange specific Anti-Virus"
0
 

Author Comment

by:jamesmetcalf74
ID: 36957945
the symantec stated it to me...
endpoint automatically recognizes exchange environments and does not scan that databases.
but i was wondering if that exception was for the scheduled scans and manual scans or something similar.
0
 
LVL 10

Assisted Solution

by:scriven_j
scriven_j earned 500 total points
ID: 36961088

OK - looks like Endpoint doesn't support Exchange scanning.  Ideally you want some sort of scanning on your mailflow, either an internal solution such as Messagelabs or an system running on the Exchange box such as GFI Mail Security.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question