Trend Micro® OfficeScan v10 AV Settings for Windows File Archiver

Trend Micro^® OfficeScan v10 AV can be configured on the computers that have the Windows File Archiver agent installed. It allows for scanning of archived files and folders available on the server.

However the security system should be configured to ignore the installation files, system files and the log files of the Archiver for Windows agent to avoid stub recall during the scanning process.

Follow the steps given below to configure the security system to ignore the log files, installation files and the system files:

1. On the System Tray double-click the Trend Micro OfficeScan iconand click the Settings tab.

   

2. In the Scan Exclusion window, verify that the Enable scan exclusion check box is selected.

   

3. In the Virus Scan Exclusion List add the following:

   • *:\gxhsmcache

     Where * is a volume/drive

   • Commvault/ContentStore/iDataAgent

   • Commvault/ContentStore/Log Files

   

Configuring Windows Registry

Configure the following registry settings for Trend Micro OfficeScan to disable the scan of Sparse files, Offline files and Alternate NTFS streams.

1. Start the Registry Editor on the computer where the file archiver agent is installed.

2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TmFilter\Parameters.

3. Right-click Parameters, point at New and click DWORD.

4. In the Value Name box type TrapHiddenDataStream.

5. In the Value Data box enter 0.

6. Right-click Parameters, point at New and click DWORD.

7. In the Value Name box type SkipOffLineFile.

8. In the Value Data box enter 1.

9. Right-click Parameters, point at New and click DWORD.

10. In the Value Name box type SkipSparseFile.

11. In the Value Data box enter 1.

12. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TmPreFilter\Parameters.

13. Right-click Parameters, point at New and click DWORD.

14. In the Value Name box type TrapHiddenDataStream.

15. In the Value Data box enter 0.

16. Right-click Parameters, point at New and click DWORD.

17. In the Value Name box type SkipOffLineFile.

18. In the Value Data box enter 1.

19. Right-click Parameters, point at New and click DWORD.

20. In the Value Name box type SkipSparseFile.

21. In the Value Data box enter 1.

22. Reboot the server for the registries to take their effect.

    

Once Trend Micro OfficeScan is configured and before any scans are run, add the following changes to the Commvault Software registry section on the OfficeScan Client server.

1. Start the Registry Editor on the computer where the file archiver agent is installed.

2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\cvmhsm\Parameters\.

3. Right-click Parameters, point at New and click String Value.

4. In the Value Name box type ExcludeProcessX.

   Where X is the next consecutive number in the list (i.e. ExcludeProcess1, ExcludeProcess2, etc.)) for any process that should not initiate recalls.

   All ExcludeProcess names must be truncated to a maximum 15 character string value or the Windows OS Kernel Mode will not process the exclusion properly. This would result in the exclusion being ignored, unexpected recalls occurring and other unexplained stub activities.

   For example:

   Processnamelong (Truncated from Processnamelongerthen15characters.exe to meet 15 character limit)

   Note

   Ensure that in addition to registry keys with environment specific executables, ExcludeProcess registries are also created with the following as their respective value:

   casdscsvc.exe

   ntrtscan.exe

   ofcdog.exe

   ofcpfwsvc.exe

   pccnt.exe

   pccntmon.exe

   tdiins.exe

   tmlisten.exe

   tmlwfins.exe

   tmwfpins.exe

   tsc.exe

5. Restart the Commvault services for the registry to take its effect.