[ES] Virus detected in BA server files.

Problem Description

The customer reported that the ES scan detected a virus in the file directory of the external data center BA. The infected path is as follows:

e:\\dcattaches\\dc\\devid\_d9173a3c\\actrace\\20200609\\203\\n\_203-1-d9173a3c-url.data

Root Cause

AC will store the audited files to BA, which is the directory where BA stores files. The files are not encrypted, so when virus files are audited, they will be scanned by antivirus software.

Solution

The file has been renamed and cannot be executed or used. Please directly add an exception for this directory on ES to resolve the issue.

Original Link

https://support.sangfor.com.cn/cases/list?product_id=16&type=1&category_id=2682&isOpen=true