Unsolved
This post is more than 5 years old
18 Posts
0
877
December 12th, 2012 10:00
Trend Micro for NAS and CAVA
I have a couple of questions regarding the topic.
1) I have seen these definitions in the Exclude section of virus configuration file:
~$* >>>>>>>>
What are those?
2) Customer seems to be claiming that virus are still getting through. When I looked at the server_viruschk server_2 -a output it mentions:
Total infected files: 25
Modified infected files: 25
It's not deleting them, but the AV is modifying by renaming file to *.vir.
Also, there are some viruses that seem to be popping up in the RECYCLER folder for each home user and *.inf files are infected. It looks to be an autorun virus that is continuously being propgated when autorun.
I've asked the customer to check to see if autoplay is disabled on a GPO level.
Anybody have any insight on #2? I don't think CAVA is broken per say, its just the AV software isn't doing something properly.
Rainer_EMC
4 Operator
•
8.6K Posts
1
December 13th, 2012 04:00
What happens to infected files is entirely up to configuration on the AV scanners
We only control on the VNX which files are sent to the scanners