am runing some reports from EPO 4.5 and some of the catched virus cleaned, delete or block. but another thing appears in the action taken whic is NONE. what is that mean? and where i can change the action taken In EPO when virus detected.
How to set primary and secondary actions that need to take place on discovery of a virus
Scheduled On-Demand Scans do not prompt the user for action
Very good info, just some clarifications, as i understood,
On -Demand Scan is a scheduled scan done by the user. correct?
On -Access scaner is a real time scan by Mcafee. correct?
For on demand scan, i have configured an actions through EPO (clean then delete) but still in my reports i can see action taken is NONE so is that mean i need to configure the On -access scaner action taken also, maybe the action taken (NONE) which appears in the report is derived from the access scanner action taken? if i was correct, how can i do it from EPO?
Thanks again for the help.
Message was edited by: hotelcalefornia on 12/4/11 2:01:52 AM CSTMessage was edited by: hotelcalefornia on 12/5/11 3:48:25 AM CST
I searched and found On Four categories for on access scan policy:
I believe, i must set the action taken on all of them the to monitor if the action taken =NONe result back again. correct?
Hi - I'm having the same problem, I set an ODS and in order for me to see the results of that scan I created a threat events query, and filtered by the 'anylzer detection method'. When I run this query, I get Deleted, Cleaned and None. When drilling down into the table and an inividual system it shows 'found infected files' , and threat handled: 'true'??
I've seen these before but for the life of me cannot remember the exact explaination. Seem to recall that the executable portion of the virus code was removed but the signature stamp is still present.
Don't quote me on that though, I'll see if I can find a definative answer