This is an automated archive.

The original was posted on /r/sysadmin by /u/RedditFullOChildren on 2024-01-23 16:41:32+00:00.


Lately my team has been experiencing backup failures (B&R) and Defender alerts regarding Excel spreadsheets/macros identifying as Emotet!pz. These files have resided on the drive (both active appdata and shadow copies) and are just now being identified. VirusTotal has no hits on the reported file(s) and searching around Google (as much as is possible these days) shows a similar result; most say it’s a false positive.

Just curious if we’re expected to clear all shadow copies to allow our backups to continue? Seems like a big hole in MS’s Defender operations but I could have all of this wrong.