I have notification rules setup to email me when either an unwanted program or a virus is detected but not removed. I have been getting emails but its listing the threat that its finding as "Full Scan". The clients are set to scan on a nightly basis but I wouln't expect that to trip the event trigger. Here are the types of emails I am getting:

XP123ePolicy Orchestrator Notification Rule: Unwanted Program detected and not removed
Rule Defined At: Directory
Description: Notifications sends an e-mail message when "Unwanted Program Detected and Not Removed" events are received.

Number of events: 1
Source computer IP addresses: Not Available
Actual threat names: Full Scan
Actual products: VirusScan
Affected Computer: XP123
Affected objects: Not Available

For additional information, see the Notification Log in the ePolicy Orchestrator console.

and

ePolicy Orchestrator Notification Rule: Virus detected and not removed
Rule Defined At: Directory
Description: Notifications sends an e-mail message when "Virus Detected and Not Removed" events are received.

Number of events: 1
Source computer IP addresses: Not Available
Actual threat names: Full Scan
Actual products: VirusScan
Affected Computer: X123
Actual Threat: Full Scan

For additional information, see the Notification Log in the ePolicy Orchestrator console.

Now when I get an email regarding PC X I will get both a notice about an unwanted program and one about a virus. Is McAfee actually finding viruses/unwated programs or is some sort of false positive? The Server is EPO 4.0 with SP3 and running on 32bit Server 2003 with SP2.

Thanks!