Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Perrine
New Contributor

Created on ‎06-06-2014 08:58 AM

High security alert => infected with virus " unknown" ==> [SOLVED]

Hi all ! I' m having a problem on a FG110C cluster running v4.0 MR3 patch15. Let me explain... I' m using antivirus feature to scan web traffic and since a few weeks, internet users get this message : High security alert !! You are not permitted to download the file " " because it is infected with the virus " unknown" URL = [the whole URL] File quarantined as : . http://www.fortinet.com/ve?vn=unknown Does anybody know what' s wrong ? Note that this error appears and then a few seconds later when you try to access exactly the same thing, you don' t have any problem... Regards, Perrine
Jh16261.jpg
Preview file
57 KB
23488
0 Kudos
3 REPLIES 3
netmin
Contributor II

Created on ‎06-06-2014 10:47 AM

Hi Perrine, there' s an older KB article referring to heuristic AV detection " virus=unknown" : http://kb.fortinet.com/kb/documentLink.do?externalID=11227 producing (log) messages like this. Maybe you can check if " config antivirus heuristic" is set to block files. Flow-based inspection may produce some false positives as well. Btw: even more interesting is that google provides a number of results (websites not related, also no SEO) when searching for the exact phrase - it almost seems that FGTs may also present this message to the rest of the world under certain conditions.
3207
0 Kudos
Perrine
New Contributor

Created on ‎06-12-2014 12:48 AM

Hello netmin, Thanks for your answer. The KB you mentioned seemed to concern very old FortiOS version. In 4.0 MR3 patch 15, in the antivirus profile the options you can configure are very limited. In fact there are only 2 : proxy or flow based I found that due to migration my configuration was a third option named " custom" I had no idea on what " custom" was and changed it to flow based. It seems to solve my problem. I' ll keep this post opened for a few days to be sure and then I' ll close it. Regards, Perrine
3207
0 Kudos
Perrine
New Contributor

Created on ‎06-16-2014 05:54 AM

Hi all, Changing profile settings from custom to flow-based or proxy solved my problem. Regards; Perrine
3207
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.