We have students taking a hesi exam from https://www.hesiinet.com/. There is a button/link for students to start taking an exam. It starts a java app threw the .exe file. Why would untangle see this as a virus? I talked with the developers and they were not sure either. Any ideas, or how I can pass this without turning off the virus part of the rack?

Thanks,

Kory

Just to make sure, you are positive it is Virus Blocker blocking it. If so, you should be able to set up exclusions in the rack to not block from that website.

here is what clam reports:

/home/dmorris/ReachBrowser.exe: Trojan.Agent-16516 FOUND

----------- SCAN SUMMARY -----------
Infected files: 1
Time: 18.201 sec (0 m 18 s)

Here is what kaspersky reports:

~ # kavclient /home/dmorris/ReachBrowser.exe
kavclient: requesting scan of file /home/dmorris/ReachBrowser.exe
Clean

I must have missed that, where do I specify that in the virus areas?

Thanks,

K

Where in the virus rack do I place an exception for .exe file?

there is no pass list for virus blocker.

The easiest thing to do would be to make a policy rule in the policy manager that maps all traffic to that IP to the "No rack"

Wouldnt it make more sense to have a virus override?