I need help identifying the infected/detection since I am not able to located it. I have tried checking the onDemandScanlog/EPO Console, but could not find the name of the infected file. I have also tried checking for the quarantine folder to see if it was there, but our server does not appear to have it. In addition, I have enable "view hidden files" on the server.
|Event Time:||10/14/2014 2:54:14 AM|
The scan found detections. Scan engine version 5700.7163 DAT version 7590.
Your looking in the right place, it should be in the OnDemandScanLog.txt but I would also check the OnAccessScanLog.txt & AccessProtectionLog.txt to be on the safe side. Otherwise just thought I would give you the below info to further research.
You can also go here to reference MS event ID's to correlate to VSE: https://kc.mcafee.com/corporate/index?page=content&id=KB52417&pmv=print
Looks like yours is below:
I checked the other logs as well but could not find anything. As a matter of fact the other logs were not event updated as you can see from the screen shot.
Is there any way that I can see user OnDemandScanLog.txt file through ePO or any other method because I always seen Event Description as " Scan found infected files." in ePO threat events but there is no information about which files are infected.