Running ePO 4.0 with Virusscan 8.5i and 8.7i on laptops and workstations. If a virus is found on devices is there a best practice to removing the virus if the initial alert cannot delete the virus. Can it all be done via ePO or will it have to be manual intevention.
you can either drop the agent into a group with a full agressive scan or remote to VSE console and run a full agressive scan.
after that result it really depends on you
if I get cleans/deletes with no locks and I knowq its something that mcafee does ok i leave it at that, if its spyware and there are still issues I may remote in and run additional tools as Mcafee kinda suck for spyware/adware.
I prefer malwarebytes for just scans, rarely superantispyware for RTS ( although its a resource hog) and I am kind of in love with Microsofts online live scanner ( its backed up with a really good backend encyclodpedia on what the malware does/removal)