cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
hotelcalefornia
Level 7
Report Inappropriate Content
Message 1 of 10
‎11-30-2011 09:10 AM

action taken = None

am runing some reports from EPO 4.5 and some of the catched virus cleaned, delete or block. but another thing appears in the action taken whic is NONE. what is that mean? and where i can change the action taken In EPO when virus detected.

Thank you.

0 Kudos
Reply
9 Replies
bakerrl
Level 11
Report Inappropriate Content
Message 2 of 10
‎11-30-2011 12:56 PM

Re: action taken = None

How to set primary and secondary actions that need to take place on discovery of a virus

https://kc.mcafee.com/corporate/index?page=content&id=KB52961&actp=search&viewlocale=en_US&searchid=...

Scheduled On-Demand Scans do not prompt the user for action

https://kc.mcafee.com/corporate/index?page=content&id=KB52688&actp=search&viewlocale=en_US&searchid=...

0 Kudos
Reply
hotelcalefornia
Level 7
Report Inappropriate Content
Message 3 of 10
‎12-04-2011 12:00 AM

Re: action taken = None

Thanks Bakerrl,

Very good info, just some clarifications, as i understood,

On -Demand Scan is a scheduled scan done by the user. correct?

On -Access scaner is a real time scan by Mcafee. correct?

For on demand scan, i have configured an actions through EPO  (clean then delete) but still in my reports i can see action taken is NONE so is that mean i need to configure the On -access scaner action taken also, maybe the action taken (NONE) which appears in the report  is derived from the access scanner action taken? if i was correct, how can i do it from EPO?

Thanks again for the help.

Message was edited by: hotelcalefornia on 12/4/11 2:01:52 AM CST

Message was edited by: hotelcalefornia on 12/5/11 3:48:25 AM CST
0 Kudos
Reply
bakerrl
Level 11
Report Inappropriate Content
Message 4 of 10
‎12-05-2011 05:45 AM

Re: action taken = None

On-Demand Scan can be scheduled or run manually.

On-Access is scanning all the time.

You set your On-Access scan policies in the same general area.

0 Kudos
Reply
hotelcalefornia
Level 7
Report Inappropriate Content
Message 5 of 10
‎12-06-2011 07:28 AM

Re: action taken = None

Hi,

I searched and found On Four categories for on access scan policy: Mcafee.bmp

I believe, i must set the action taken on all of them the to monitor if the action taken =NONe result back again. correct?

Regards,

0 Kudos
Reply
bakerrl
Level 11
Report Inappropriate Content
Message 6 of 10
‎12-06-2011 07:34 AM

Re: action taken = None

If you are using different policies for default, low and high-risk policies.

0 Kudos
Reply
gillyx0101
Level 7
Report Inappropriate Content
Message 7 of 10
‎12-06-2011 07:34 AM

Re: action taken = None

Hi - I'm having the same problem, I set an ODS and in order for me to see the results of that scan I created a threat events query, and filtered by the 'anylzer detection method'.  When I run this query, I get Deleted, Cleaned and None.  When drilling down into the table and an inividual system it shows 'found infected files' , and threat handled: 'true'??

Capture.JPG

0 Kudos
Reply
hotelcalefornia
Level 7
Report Inappropriate Content
Message 8 of 10
‎12-06-2011 07:50 AM

Re: action taken = None

More update:

I have run a query report to catch all action taken = none and found alot of viruses with action taken none also some threats type are none and action taken is none:

untitled.bmp

0 Kudos
Reply
bakerrl
Level 11
Report Inappropriate Content
Message 9 of 10
‎12-06-2011 08:01 AM

Re: action taken = None

Probably be best to contact support so you can get a better explanation on these.

0 Kudos
Reply
andy_judge
Level 10
Report Inappropriate Content
Message 10 of 10
‎12-09-2011 06:16 AM

Re: action taken = None

I've seen these before but for the life of me cannot remember the exact explaination. Seem to recall that the executable portion of the virus code was removed but the signature stamp is still present.

Don't quote me on that though, I'll see if I can find a definative answer

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC