Solved: Cifs Share, virus and Symantec Protection Engine

ELESSARIN · ‎2013-01-18

Hello,

I have a FAS2040 with cifs share.

On this share I have a virus that hide folder and replace them by .exe. I suspect one of my user who is infecting file. I need to find at least his IP address.

First I have enabled audit but it was not enough detailled.

Then to correct this issue, I have installed Symantec Protection Engine 7 and configured with my NetApp

Symantec is working well, I can see in NetApp with vscan command that Symantec is doing the job. But I have no entry at all for my hidding virus.

Do you know if there is an option in NetAPP to monitor folder attribute with vscan ? I have make a lot of search but I'm unlucky.

Thank you.

ELESSARIN · ‎2013-02-26

After opening a ticket on NetApp support, it is not possible to monitor folder with NetApp ....

Solution for me was to find an antivirus on client computer that detect this virus. Then update all my client and finally unhide manually folder on cifs.

View solution in original post

ELESSARIN · ‎2013-01-21

I have found this option in NetApp doc :

vscan extensions include add txt

Maybe folder file are not in vscan extension, do you know what is folder extension to be sure ?

Thanks

ELESSARIN · ‎2013-02-26

After opening a ticket on NetApp support, it is not possible to monitor folder with NetApp ....

Solution for me was to find an antivirus on client computer that detect this virus. Then update all my client and finally unhide manually folder on cifs.

Cifs Share, virus and Symantec Protection Engine

NetApp's KB Wins Again!

CIFS Share not accessible

CIFS share

Unable to access cifs shares

CIFS share auditing

vScan anti-virus app recommendation wanted