We use VSE8.8 with VSES 1.0.2 to scan the Netapp Filer ONTAP 8.1 ( CIFS ) we see in the filer syslog the message
Filername> Fri Nov 29 15:12:34 CET [filername:vscan.virus.created:ALERT]: CIFS: Possible Virus Detected - File ONTAP_ADMIN$path\file.ext
in share name modified by client IP Adresse (**unknown**) running as user SID may be infected.
The filer received status message Error, file not found. and error code [0xb] from vscan (anti-virus) server IP Adresse
Can anyone tell what this means ?
I can´t find this error code by Netapp
You can find out what the error means -
The [0xb] is in Hex. Convert it to Decimal.
You get 11.
Then at a CMD prompt, use the NET HELPMSG command to tell you what "11" means...
C:\>net helpmsg 11
An attempt was made to load a program with an incorrect format.
In the context of Netapp... I've no idea what this could be trying to tell you; I would guess that our scanner received bad/unexpected data from the Filer. Perhaps it has more meaning to someone more familiar with your environment or who knows what the trigger is for the message, e.g. if it's specific to certain files.
1. This is a common error when running McAfee orVeritas products in conjunction with a NetApp filer and the AV product isunable to expand or locate the listed path.
> In this case the $path variableisn't being properly expanded for the VSE engine to scan it, thus the error. This more than likely isn't a virus issue and is just a failure for VSEto properly scan that $path.
> A fix could be to ensure that the$path value is replaced with a full/complete path to the file and that allpermissions are correct to allow VSE the ability to scan both the path and file
2. As for the "and errorcode [0xb]" is just a hex value for a generic Windowsfile/format error code of "11" which is the best that the VSE couldprovide by way of an error code since it really wasn't sure how to properlyreport the issue.
Note: If you are unable to provide an expanded path tothe file in question as a part of your scanning structure or unable to set therequired permissions then it might be best to exclude it from the scan orexport it to a quarintine location for direct virus scanning if you are unsureof the security of the file to avoid future errors.
My company EMCONIT specilaizes in Netapp, EMC and HDS equipment.
Message was edited by: emconit on 12/2/13 11:45:03 AM CST