PowerScale CAVA Trend Micro configuration could result in File_Not_Found and false alerts
Summary: Certain Trend Micro configurations could result in File_Not_Found for an infection (after delete). Under high temporary file load, PowerScale may falsely alert that the file was infected ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
Using Trend Micro as a CAVA solution on OneFS may be getting inundated with events of infected files:
181977 07/07 09:58 07/07 09:58 SW_AVSCAN_CAVA_INFECTED_FILE 3 1 information 181979 07/07 09:58 07/07 09:58 SW_AVSCAN_CAVA_INFECTED_FILE 6 1 information 181980 07/07 09:58 07/07 09:58 SW_AVSCAN_CAVA_INFECTED_FILE 6 1 information 181982 07/07 09:58 07/07 09:58 SW_AVSCAN_CAVA_INFECTED_FILE 5 1 information
Enabling dbgviewer on the CEE server could reveal these type of messages:
00000063 7.16316700 [1654] [EMC CEE]: CDriverAgent::CheckFile(): IOCTL_FSCVIR_CHECK_UNCPATH failure= e0000034(hex) 00000064 7.16316700 [1654] , FILE_NOT_FOUND
OneFS could be calling these out in lwavscand.log as "VC_ERROR_FAIL":
2023-07-07T09:52:55.389858-07:00 <30.7> powerscale-1(id1) lwavscan[82957]: [lwavscan] DEBUG:0x806e35510:AvscanPerformScanRequest():lwavscan/server/lwavscand/avscan_cava_request.cpp:264: TrendMicro Scan: Infected Status VC_ERROR_FAIL. 2023-07-07T09:52:55.389919-07:00 <30.7> powerscale-1(id1) lwavscan[82957]: [lwavscan]
Cause
Trend Micro configurations could result in misleading and false infections on OneFS
Resolution
This issue is fixed in PowerScale OneFS 9.7.1.5 and above
Article Properties
Article Number: 000218016
Article Type: Solution
Last Modified: 25 Sept 2025
Version: 2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.