Issue PrivateTemp file constantly infected with viruses

[sende2]

Server operating system version

Windows 2016

Plesk version and microupdate number

18.0.64 #1

Hello,
I am using Plesk version 18.0.64 #1 on my server.
Eset Server Security is available as an antivirus software.

The virus program keeps saying that malicious files have been sent to the PrivateTemp folder and that it has deleted them.

Is there a way to prevent this?
I am attaching sample logs below.



Thanks,

 

[sende2]

Does anyone have any thoughts on this?
Thanks,

 

[Duarte N]

Hi,

I often see this on websites with security vulnerabilities they are trying to exploit. But in this case it is in the subscription tmp folder (“%plesk_vhosts%<domain name>\tmp”).

As far as I know, “C:\Program Files (x86)\Plask\PrivateTemp” is used by Plesk itself during operations like backups, dumps, application installation... but you might want to delve deeper into which operation creates these tmp files.