ArchiveOne Enterprise, all versions
After running a regular scheduled anti-virus (AV) scan of the archive server a large number of files have been flagged as 'infected' (typically as containing some form of 'Trojan')
Anti-virus (AV) products, especially those set to perform "on access" scanning frequently misreport ArchiveOne temporary files as having a virus payload.
The reason for this is that ArchiveOne's temporary files are not readable by most AV products and so they make a "best guess" to the possible type of threat they may pose. The report by the AV software is usually a set of false positives.
The usual way to avoid this is to add our temporary file paths to a list of 'excluded' paths.
Typical folders to add are;
*the "Add-ins" share (located on the machine designated the 'configuration server')
*the installation folder (typically C:\Program Files(x86)\C2C Systems\ArchiveOne\
*the 'temporary' folder listed in the repository definition
*NOTE: To locate the 'temporary' folder:
*Open the ArchiveOne Console
*Navigate to the Repositories node
*Right click on a repository and select properties from the context menu
*navigate to the Temporary Data tab and not the path for the temporary data
Depending on the AV software being run you may also find it useful to exclude ALL the C2C processes (listed in 'Task Manager') such as;
Adding these exclusions should resolve the problem.
There is no formal resolution to this issue. Additionally the workaround may result in some genuinely infected emails entering the archive. Strong AV scanning of the Exchange server is hence recommended.
Link To This Page: