Re: F-Prot triggers huge amounts of Security Audit Failures on Windows XP

On Mar 19, 2:06 pm, "David H. Lipman" <DLipman~nosp...@xxxxxxxxxxx>
wrote:
From: "Rob" <ramse...@xxxxxxxxx>

| Hello,
|
| I have F-prot version 6 (Anti-Virus) loaded on several Windows XP
| systems in our lab.  The Windows XP systems have been configured for
| security auditing (per NISPOM Ch. 8 requirement).  Using event viewer
| to look at the security logs, I'm seeing 8500+ security messages for
| two days worth of usage, of which  94% of them read exactly like the
| printout below.
|
| I'm not sure, but it seems like FPAVserv (f-prot process) might
| running with the user's rights and not running as a system service.
|
| Any thoughts on how I can fix this?
|
| Thanks,
|

< snip >

Interesting.

If you have to follow "NISPOM Ch. 8 requirement", you can't use F-Prot.  It is an unapproved
anti virus solution.

The requirements are only for the DISA approved anti virus solutions under the DISA DoD wide
license which include only;  Trend Micro, Symantec and MCafee.

--
Davehttp://www.claymania.com/removal-trojan-adware.html
Multi-AV -http://www.pctipp.ch/downloads/dl/35905.asp

Hello Dave,

Contractors are governed by DSS. Their regulation reads:

DoD 5220.22-M, February 28, 2006

8-305. Malicious Code. Policies and procedures to detect and deter
incidents caused by malicious code, such as viruses or unauthorized
modification to software, shall be implemented. All files must be
checked for viruses before being introduced on an IS and checked for
other malicious code as feasible. The use of personal or public domain
software is strongly discouraged. Each installation of such software
must be approved by the ISSM.

I have F-Prot listed in my protection profile and I have an ATO letter
in-hand. I haven't read anything on DSS's website stating that a
particular piece of anti-virus software has to be used; at least not
for our classification level.

Not that any of that matters anyway. Any thoughts on the message I
posted?

Thanks,

Rob
.

Relevant Pages

  • Re: Installing stuff
    ... I could in theory run Ubuntu and run VMware and windows therein and MOST ... I still have no isssues with paying to licence Agent, or Outpost, or F-prot, ... AVG could take note - I ran AVG on 64-bit windows, ... Set F-prot to fully auto, and the only time you notice it is if it ...
    (uk.rec.sheds)
  • Re: Kaspersky and PornDialer
    ... >>Since it is a DOS program the command line has a problem when it is given a long directory ... I didn't change my (Windows 98) registry for that. ... link to F-Prot into my SendTo folder. ... off-topic religious/political post, March 28, 2005 ...
    (alt.comp.anti-virus)
  • Re: Virus scanning apps that can be started from the DOS prompt?
    ... f-prot for dos which is free but doesn't handle windows pc's properly and fpcmd which isn't free but does handle windows pc's properly... ... f-prot for dos uses dos api's to enumerate the file system and windows support of those api's doesn't provide for complete enumeration of the file system... ...
    (alt.comp.anti-virus)
  • Re: Norton & McAfee "crapware"
    ... Steve Winograd wrote: ... > I've used F-Prot for Windows on my computers for years, ... I also use F-Prot on my Windows machines for and have done ...
    (microsoft.public.security.virus)
  • Re: Freedom Suite
    ... Can't find much recent information on this application one way or ther ... I'm mostly interested in the anti-virus aspect. ... F-Prot is a mainstream av and its ... The F-Prot engine ...
    (alt.comp.anti-virus)