I am fairly new to ESET and am still fine tuning policy settings as issues crop up. One issue that has cropped up is affecting our ability to get consistent backups.
We run Microsoft DPM 2010 for backing up most file servers, and have ESET File Security installed on all of them. DPM goes through and touches each file, so if a risk is found, the real-time scanner picks it up, and places it in quarantine. Most, or all of the risks that have been found on the file servers JS/Redirector.NJU trojans. Personally I think these are false positives since they are coming from legitmate HTM and HTML files saved on the servers. However, the problem comes in that once in quarantined by ESET, DPM can no longer access the file, and then skips the file.
DPM by default will only skip 100 files before the recovery point will fail. In my research I've found that Microsoft recommends deleting threats, not quarantining them when using DPM. So, I believe I have three options.
1. Set an exclusion for HTM and HTML files. - I don't really want to exclude this as as I'm afraid to open up attack vectors.
2. There is a registry key I can put in to increase the limit of skipped files, however I see that has a bandaid. The quarantined files number will surely increase over time and eventually exceed the limit again.
3. I can set ESET policy to delete instead of quarantine. However, I cannot find where to do that for file security.
Can somebody direct me to the location in the ERA policy settings where this can be, if it can be done?