7 Replies Latest reply on Jul 25, 2010 4:12 AM by Attila Polinger

    Automatic e-mails too sensitive...firing every few minutes.

      Hello...just upgraded to ePO 4.5 and have configured a notification event to send an email when a threat is detected and not handled.  I have the rule set as following:



      Defined at:  My Organization


      Threat Type:


      equals virus or

      equals trojan or

      equals adware or

      equals p2p client or

      equals password cracker or

      equals rootkit or

      equals spyware




      threat handled equals false




      detecting product name equals virusscan enterprise




      threat severity equals alert






      I am receiving alerts on all kinds of items which I know are normal activity, such as dameware, autorun on discs, and even Mcafee files.


      Dameware: Virus

      agtmetadet.mcs(mcafee EPOAgent3000Meta): Virus

      netterm.exe: virus

      \Network Associates\Common Framework\UpdateHistory.ini:  virus

      C:\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\AgentEvents\20100721151337761000008E0.txml: virus



      Should I set Threat Severity to Critical? Any other ideas?





      Message was edited by: aquilisdicio on 7/21/10 2:28:35 PM CDT