1 Reply Latest reply on May 23, 2011 3:44 AM by Attila Polinger

    Unhandled detections

      Hello everyone,

       

      I frequently find that Mcafee Virusscan (version agnostic) is unable to handle a file infected in a pen drive.

      MCafee Virusscan Pen drive detection.jpg

       

      In my reports, where I choose only to see unhandled threats detections - the one's I should care about - every day Virusscan fails to take an action.

       

      a) How can I justify this to managers?

      b) How can I address this? - better - how can Mcafee Virusscan address this?

       

       

      Currently using EPO 4.5 SP1, Agent 4.5, VS 8.8

       

      Kind regards,

       

      Marco Negrinho

        • 1. Re: Unhandled detections
          Attila Polinger

          Hello Marco,

           

          first would you extend your report with the "Event Description" field (single field in single column head among Available Columns)? It may have additional information as to the reason of non-handling the threat (for example like this: "Unable to clean, delete on reboot")

           

          I have not figured out yet what action is considered "handling the threat" and what not, but for example denying access might mean "not handling" the threat whereas "clean" or "delete" actions might mean "handling" it.

           

          Attila