Home » Kerio User Forums » Kerio Control » Understanding Alert Log (Virus issue)

Messages: 10
Karma: 1
Send a private message to this user

Have noticed an alert which is repeating with some regularity on Kerio Control:

Virus alert
Event description
User: not logged yet
Host (IP): (
File: copy_invoice_90809495.zip
Protocol: POP3
Virus info: Sophos verdict: Troj/Dloadr-EAH

I'm not quite certain how to interpret this...Is host trying to send a virus or is something trying to send a virus to this host? POP3 would imply it's inbound, but now I'm not sure.

I've scanned that host with 2 very different virus checkers and neither of them have detected anything.

Also the log is not clear on what if any action has been taken - I'm assuming (regardless of whether it's inbound or outbound) the file has been blocked.

Thanks for any help on this.
Petr Dobry (Kerio)

Messages: 405
Karma: 61
Send a private message to this user
This alert simply means that computer with IP tried to download email via POP3 which included virus/trojan. If a virus is detected, the attachment is replaced by a notice informing about the virus found.

Please see http://kb.kerio.com/1386 for more details.

Petr Dobry
Product Development Manager | Kerio

Messages: 10
Karma: 1
Send a private message to this user

Messages: 1
Karma: 0
Send a private message to this user
if i have endless repeating of same message what does it mean and how i can stop it? and what exactly it is means, what this mail trying to be downloaded over and over again?
Previous Topic: Kerio VPN to Azure
Next Topic: shared resources
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Jan 18 00:29:49 CET 2019

Total time taken to generate the page: 0.73957 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.