am runing some reports from EPO 4.5 and some of the catched virus cleaned, delete or block. but another thing appears in the action taken whic is NONE. what is that mean? and where i can change the action taken In EPO when virus detected.
Thank you.
How to set primary and secondary actions that need to take place on discovery of a virus
Scheduled On-Demand Scans do not prompt the user for action
Thanks Bakerrl,
Very good info, just some clarifications, as i understood,
On -Demand Scan is a scheduled scan done by the user. correct?
On -Access scaner is a real time scan by Mcafee. correct?
For on demand scan, i have configured an actions through EPO (clean then delete) but still in my reports i can see action taken is NONE so is that mean i need to configure the On -access scaner action taken also, maybe the action taken (NONE) which appears in the report is derived from the access scanner action taken? if i was correct, how can i do it from EPO?
Thanks again for the help.
Message was edited by: hotelcalefornia on 12/4/11 2:01:52 AM CST
Message was edited by: hotelcalefornia on 12/5/11 3:48:25 AM CSTOn-Demand Scan can be scheduled or run manually.
On-Access is scanning all the time.
You set your On-Access scan policies in the same general area.
Hi,
I searched and found On Four categories for on access scan policy:
I believe, i must set the action taken on all of them the to monitor if the action taken =NONe result back again. correct?
Regards,
If you are using different policies for default, low and high-risk policies.
Hi - I'm having the same problem, I set an ODS and in order for me to see the results of that scan I created a threat events query, and filtered by the 'anylzer detection method'. When I run this query, I get Deleted, Cleaned and None. When drilling down into the table and an inividual system it shows 'found infected files' , and threat handled: 'true'??
More update:
I have run a query report to catch all action taken = none and found alot of viruses with action taken none also some threats type are none and action taken is none:
Probably be best to contact support so you can get a better explanation on these.
I've seen these before but for the life of me cannot remember the exact explaination. Seem to recall that the executable portion of the virus code was removed but the signature stamp is still present.
Don't quote me on that though, I'll see if I can find a definative answer
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA