<?xml version="1.0" encoding="UTF-8" ?>
<forticlient_configuration>
<forticlient_version>5.6.6.1167</forticlient_version>
<version>5.6.6</version>
<date>2018/03/21</date>
<partial_configuration>0</partial_configuration>
<os_version>windows</os_version>
<system>
<ui>
<disable_backup>0</disable_backup>
<ads>1</ads>
<default_tab>AV</default_tab>
<flashing_system_tray_icon>1</flashing_system_tray_icon>
<hide_system_tray_icon>0</hide_system_tray_icon>
<suppress_admin_prompt>0</suppress_admin_prompt>
<password />
<culture_code>os-default</culture_code>
<gpu_rendering>0</gpu_rendering>
<replacement_messages>
<quarantine>
<title>
<title>
<![CDATA[]]>
</title>
</title>
<statement>
<remediation>
<![CDATA[]]>
</remediation>
</statement>
<remediation>
<remediation>
<![CDATA[]]>
</remediation>
</remediation>
</quarantine>
</replacement_messages>
</ui>
<log_settings>
<onnet_local_logging>1</onnet_local_logging>
<level>7</level>
<log_events>scheduler,update,firewall,av,proxy,shield,endpoint,configd,vuln,sandboxing</log_events>
<remote_logging>
<log_upload_enabled>0</log_upload_enabled>
<log_upload_server />
<log_upload_ssl_enabled>1</log_upload_ssl_enabled>
<log_retention_days>90</log_retention_days>
<log_upload_freq_minutes>60</log_upload_freq_minutes>
<log_generation_timeout_secs>900</log_generation_timeout_secs>
<netlog_categories>0</netlog_categories>
<log_protocol>faz</log_protocol>
</remote_logging>
</log_settings>
<proxy>
<update>0</update>
<virus_submission>0</virus_submission>
<type>http</type>
<address />
<port>80</port>
<username>
<![CDATA[Enc 4dce0991da7a13a87825817089c38886664c4560d7f91495]]>
</username>
<password>
<![CDATA[Enc e18b50465f7d0763e829406448fd75535db0fed4430263d4]]>
</password>
</proxy>
<update>
<use_custom_server>0</use_custom_server>
<server />
<port>80</port>
<timeout>60</timeout>
<failoverport />
<fail_over_to_fdn>1</fail_over_to_fdn>
<use_proxy_when_fail_over_to_fdn>1</use_proxy_when_fail_over_to_fdn>
<auto_patch>1</auto_patch>
<submit_virus_info_to_fds>1</submit_virus_info_to_fds>
<submit_vuln_info_to_fds>1</submit_vuln_info_to_fds>
<update_action>notify_only</update_action>
<scheduled_update>
<enabled>1</enabled>
<type>interval</type>
<daily_at>07:24</daily_at>
<update_interval_in_hours>1</update_interval_in_hours>
</scheduled_update>
</update>
<fortiproxy>
<enabled>1</enabled>
<enable_https_proxy>1</enable_https_proxy>
<http_timeout>30</http_timeout>
<client_comforting>
<pop3_client>1</pop3_client>
<pop3_server>1</pop3_server>
<smtp>1</smtp>
</client_comforting>
<selftest>
<enabled>1</enabled>
<last_port>65535</last_port>
<notify>1</notify>
</selftest>
</fortiproxy>
<certificates>
<crl>
<ocsp />
</crl>
<hdd />
<ca />
</certificates>
</system>
<endpoint_control>
<enabled>1</enabled>
<socket_connect_timeouts>1:5</socket_connect_timeouts>
<system_data>Enc 38fb2d0512ff0d3b64061a909e8397019c3d247492d39ef6a0df5181b02df596e86e20e09b595623605c16d4bf89c903779ba68070c94ff2bbb050686a0fc38220a2eb10d292baa95b707ab8622c46a03b7441e2fb34</system_data>
<disable_unregister>0</disable_unregister>
<disable_fgt_switch>0</disable_fgt_switch>
<show_bubble_notifications>1</show_bubble_notifications>
<avatar_enabled>1</avatar_enabled>
<ui>
<display_antivirus>1</display_antivirus>
<display_webfilter>0</display_webfilter>
<display_firewall>0</display_firewall>
<display_vpn>0</display_vpn>
<display_vulnerability_scan>1</display_vulnerability_scan>
<display_sandbox>1</display_sandbox>
<display_compliance>0</display_compliance>
<hide_compliance_warning>0</hide_compliance_warning>
<registration_dialog>
<show_profile_details>1</show_profile_details>
</registration_dialog>
</ui>
<onnet_addresses>
<address />
</onnet_addresses>
<onnet_mac_addresses />
<alerts>
<notify_server>1</notify_server>
<alert_threshold>1</alert_threshold>
</alerts>
<fortigates>
<fortigate>
<serial_number />
<name />
<registration_password />
<addresses />
</fortigate>
</fortigates>
<local_subnets_only>0</local_subnets_only>
<notification_server />
<nac>
<processes>
<process id="">
<signature name="" />
</process>
</processes>
<files>
<path id="" />
</files>
<registry>
<path id="" />
</registry>
</nac>
</endpoint_control>
<antivirus>
<enabled>1</enabled>
<signature_expired_notification>1</signature_expired_notification>
<scan_on_insertion>1</scan_on_insertion>
<shell_integration>1</shell_integration>
<antirootkit>4294967295</antirootkit>
<fortiguard_analytics>1</fortiguard_analytics>
<multi_process_limit>4</multi_process_limit>
<scheduled_scans>
<ignore_3rd_party_av_conflicts>0</ignore_3rd_party_av_conflicts>
<full>
<enabled>1</enabled>
<repeat>1</repeat>
<day_of_month>1</day_of_month>
<time>19:30</time>
<removable_media>1</removable_media>
<network_drives>0</network_drives>
<priority>2</priority>
</full>
</scheduled_scans>
<on_demand_scanning>
<use_extreme_db>1</use_extreme_db>
<on_virus_found>4</on_virus_found>
<pause_on_battery_power>0</pause_on_battery_power>
<signature_load_memory_threshold>80</signature_load_memory_threshold>
<automatic_virus_submission>
<enabled>1</enabled>
<smtp_server>fortinetvirussubmit.com</smtp_server>
<username>Enc 3b9a0a727b4cb5f796ec1ef589fe4ad222a568feed439561</username>
<password>Enc a9b87cf78f0011303c80e1de3d142a041399cf837de2e2a0</password>
</automatic_virus_submission>
<compressed_files>
<scan>1</scan>
<maxsize>0</maxsize>
</compressed_files>
<riskware>
<enabled>1</enabled>
</riskware>
<adware>
<enabled>1</enabled>
</adware>
<heuristic_scanning>
<level>1</level>
<action>2</action>
</heuristic_scanning>
<scan_file_types>
<all_files>1</all_files>
<file_types>
<extensions>.386,.ACE,.ACM,.ACV,.ACX,.ADT,.APP,.ASD,.ASP,.ASX,.AVB,.AX,.AX2,.BAT,.BIN,.BTM,.CDR,.CFM,.CHM,.CLA,.CLASS,.CMD,.CNN,.COM,.CPL,.CPT,.CPY,.CSC,.CSH,.CSS,.DEV,.DLL,.DOC,.DOT,.DRV,.DVB,.DWG,.EML,.EXE,.FON,.GMS,.GVB,.HLP,.HTA,.HTM,.HTML,.HTT,.HTW,.HTX,.HXS,.INF,.INI,.JPG,.JS,.JTD,.KSE,.LGP,.LIB,.LNK,.MDB,.MHT,.MHTM,.MHTML,.MOD,.MPD,.MPP,.MPT,.MRC,.OCX,.PIF,.PL,.PLG,.PM,.PNF,.PNP,.POT,.PPA,.PPS,.PPT,.PRC,.PWZ,.QLB,.QPW,.REG,.RTF,.SBF,.SCR,.SCT,.SH,.SHB,.SHS,.SHT,.SHTML,.SHW,.SIS,.SMM,.SWF,.SYS,.TD0,.TLB,.TSK,.TSP,.TT6,.VBA,.VBE,.VBS,.VBX,.VOM,.VSD,.VSS,.VST,.VWP,.VXD,.VXE,.WBK,.WBT,.WIZ,.WK,.WML,.WPC,.WPD,.WSC,.WSF,.WSH,.XLS,.XML,.XTP</extensions>
<include_files_with_no_extension>1</include_files_with_no_extension>
</file_types>
</scan_file_types>
<exclusions>
<!--the element below can exist 0-n times-->
<file />
<!--the element below can exist 0-n times-->
<folder></folder>
<file_types>
<extensions />
</file_types>
</exclusions>
</on_demand_scanning>
<real_time_protection>
<enabled>1</enabled>
<use_extreme_db>1</use_extreme_db>
<when>0</when>
<ignore_system_when>0</ignore_system_when>
<on_virus_found>4</on_virus_found>
<popup_alerts>1</popup_alerts>
<popup_registry_alerts>0</popup_registry_alerts>
<bypass_java>0</bypass_java>
<cloud_based_detection>
<on_virus_found>4</on_virus_found>
</cloud_based_detection>
<sandboxing>
<enabled>0</enabled>
<sandbox_address />
<timeout>0</timeout>
<use_sandbox_signatures>1</use_sandbox_signatures>
<check_for_signatures_every>5</check_for_signatures_every>
<action_on_error>0</action_on_error>
<scan_usb>0</scan_usb>
<scan_mapped_drives>0</scan_mapped_drives>
</sandboxing>
<compressed_files>
<scan>1</scan>
<maxsize>0</maxsize>
</compressed_files>
<riskware>
<enabled>1</enabled>
</riskware>
<adware>
<enabled>1</enabled>
</adware>
<heuristic_scanning>
<level>1</level>
<action>3</action>
</heuristic_scanning>
<scan_file_types>
<all_files>1</all_files>
<file_types>
<extensions>.386,.ACE,.ACM,.ACV,.ACX,.ADT,.APP,.ASD,.ASP,.ASX,.AVB,.AX,.AX2,.BAT,.BIN,.BTM,.CDR,.CFM,.CHM,.CLA,.CLASS,.CMD,.CNN,.COM,.CPL,.CPT,.CPY,.CSC,.CSH,.CSS,.DEV,.DLL,.DOC,.DOT,.DRV,.DVB,.DWG,.EML,.EXE,.FON,.GMS,.GVB,.HLP,.HTA,.HTM,.HTML,.HTT,.HTW,.HTX,.HXS,.INF,.INI,.JPG,.JS,.JTD,.KSE,.LGP,.LIB,.LNK,.MDB,.MHT,.MHTM,.MHTML,.MOD,.MPD,.MPP,.MPT,.MRC,.OCX,.PIF,.PL,.PLG,.PM,.PNF,.PNP,.POT,.PPA,.PPS,.PPT,.PRC,.PWZ,.QLB,.QPW,.REG,.RTF,.SBF,.SCR,.SCT,.SH,.SHB,.SHS,.SHT,.SHTML,.SHW,.SIS,.SMM,.SWF,.SYS,.TD0,.TLB,.TSK,.TSP,.TT6,.VBA,.VBE,.VBS,.VBX,.VOM,.VSD,.VSS,.VST,.VWP,.VXD,.VXE,.WBK,.WBT,.WIZ,.WK,.WML,.WPC,.WPD,.WSC,.WSF,.WSH,.XLS,.XML,.XTP</extensions>
<include_files_with_no_extension>1</include_files_with_no_extension>
</file_types>
</scan_file_types>
<exclusions>
<!--the element below can exist 0-n times-->
<file />
<!--the element below can exist 0-n times-->
<folder></folder>
<file_types>
<extensions>.zip,.gzip,.msc,.rar,.tar,.tgz,.lzh,.CAB,.BZIP2,.7Z,.BZIP,.ARJ</extensions>
</file_types>
</exclusions>
</real_time_protection>
<email>
<smtp>1</smtp>
<pop3>1</pop3>
<outlook>1</outlook>
<wormdetection>
<enabled>1</enabled>
<action>1</action>
</wormdetection>
<heuristic_scanning>
<enabled>1</enabled>
<action>1</action>
</heuristic_scanning>
<mime_scanning>
<enabled>1</enabled>
</mime_scanning>
</email>
<quarantine>
<cullage>360</cullage>
</quarantine>
<server>
<exchange>
<integrate>0</integrate>
<action>0</action>
<excludefilesystemfromscanning>0</excludefilesystemfromscanning>
<excludefileextensionsfromscanning>0</excludefileextensionsfromscanning>
</exchange>
<sqlserver>
<excludefilesystemfromscanning>0</excludefilesystemfromscanning>
<excludefileextensionsfromscanning>0</excludefileextensionsfromscanning>
</sqlserver>
</server>
</antivirus>
<vulnerability_scan>
<enabled>1</enabled>
<scan_on_registration>0</scan_on_registration>
<scan_on_signature_update>1</scan_on_signature_update>
<windows_update>1</windows_update>
<proxy_enabled>0</proxy_enabled>
<auto_patch />
<scheduled_scans />
</vulnerability_scan>
<sandboxing>
<enabled>0</enabled>
<type>appliance</type>
<address />
<response_timeout>0</response_timeout>
<when>
<executables_on_removable_media>0</executables_on_removable_media>
<executables_on_mapped_nw_drives>0</executables_on_mapped_nw_drives>
<web_downloads>0</web_downloads>
<email_downloads>0</email_downloads>
</when>
<remediation>
<action>quarantine</action>
<on_error>allow</on_error>
</remediation>
<exceptions>
<exclude_files_from_trusted_sources>0</exclude_files_from_trusted_sources>
<trusted_sources />
<exclude_files_and_folders>0</exclude_files_and_folders>
<folders>
<folder>
<![CDATA]>
</folder>
<folder>
<![CDATA[\]]>
</folder>
</folders>
<files>
<file />
</files>
</exceptions>
</sandboxing>
<antiexploit>
<enabled>1</enabled>
<show_bubble_notifications>1</show_bubble_notifications>
<submit_anomaly_urls>0</submit_anomaly_urls>
<exclusion_applications />
</antiexploit>
</forticlient_configuration>