cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Schopenhauer
Schopenhauer
Level 9
Report Inappropriate Content
Message 1 of 4
‎03-19-2019 12:08 AM

VirusScan is disabled or scan is ended?

Jump to solution

Hi all.

There is rule, that detect VSA propably is disabled.

I have in log only "ops.service.end, ID: 1065" and I can't check it on the host system.

Due to McAfee KB: 

1065Service endedInformational

 

So, the scan is ended or VSA is disabled? Or it can be both?

0 Kudos
Reply
1 Solution

Accepted Solutions
vnaidu
Reliable Contributor vnaidu
Reliable Contributor
Report Inappropriate Content
Message 4 of 4
‎03-19-2019 02:06 AM

Re: VirusScan is disabled or scan is ended?

Jump to solution

Dear@Schopenhauer 

Please find the below table, which is described in the KB article KB52417, please note that McAfee uses the same event ID as microsoft uses for service stopped started or error etc.

1064OASSEVERITY_INFORMATIONALops.service.startNone257InformationService was started.
1065OAS SEVERITY_INFORMATIONAL ops.service.endNone257InformationService ended.
1067 ODSSEVERITY_MINORops.service.errorNone258 WarningTask failed to start.
Venu
Reply
3 Replies
vnaidu
Reliable Contributor vnaidu
Reliable Contributor
Report Inappropriate Content
Message 2 of 4
‎03-19-2019 01:45 AM

Re: VirusScan is disabled or scan is ended?

Jump to solution

@Schopenhauer It is an informational event related to On Access Scan which doesn't mean that your VSE become dormant.

I would like you to perform an EICAR test to confirm that your VSE is active by following the KB article KB59742.

Hope this helps your question.

Venu
Reply
Schopenhauer
Schopenhauer
Level 9
Report Inappropriate Content
Message 3 of 4
‎03-19-2019 01:52 AM

Re: VirusScan is disabled or scan is ended?

Jump to solution
Thank you.
But where is the information about that this event is related to On Access Scan? Because I tried to find and no luck. On McAfee KB there is just short description without any specifics aka "service is disabled", but what service, I did not find it.
0 Kudos
Reply
vnaidu
Reliable Contributor vnaidu
Reliable Contributor
Report Inappropriate Content
Message 4 of 4
‎03-19-2019 02:06 AM

Re: VirusScan is disabled or scan is ended?

Jump to solution

Dear@Schopenhauer 

Please find the below table, which is described in the KB article KB52417, please note that McAfee uses the same event ID as microsoft uses for service stopped started or error etc.

1064OASSEVERITY_INFORMATIONALops.service.startNone257InformationService was started.
1065OAS SEVERITY_INFORMATIONAL ops.service.endNone257InformationService ended.
1067 ODSSEVERITY_MINORops.service.errorNone258 WarningTask failed to start.
Venu
Reply
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator