Pages 91 - 93, Using the command line with VirusScan Enterprise
On Page 92:
MHEUR Enables Artemis detection of macro threats.
PHEUR Enables Artemis detection of non-macro threats.
These are the only parameters that mention Artemis.
Based on this, I would say: No levels can be set via the command line.
This makes sense to me, as I believe it is McShield that is actually running the 'scan' and requesting Artemis info. (Scanxx simply submits the files to McShield for scanning.) Since changing this parameter would change all uses of McShield, I think that it is architecturally set across the entire VSE platform. The parameters above seem to enable additional files but not a level change. Of course, without source code I cannot confirm this, but this is my belief. Maybe someone from McAfee can confirm or deny this.
Yes, I did see the command-line options, but that is the problem. On/Off seems to be the only thing, but what does mean. What default is it currently using with that switch? Im not sure if thats true out the mcshield process. currently you can run a ODS with high artemis while On access is a different level. What would be the difference that intiating it via command line? Probably commandline is how EPO is initiating or the client is initiating a scan anyways.
On/Off seems to be the only thing, but what does mean.
Exactly that: Use or Don't Use Artemis.
What default is it currently using with that switch?
That depends on which 'Task' you are running. Search the registry key HKLM\Software\McAfee\ key for 'Artemis' and you will find 'ArtemisEnabled' and 'ArtemisLevel' for different tasks and processes. Each ODS scan has a GUID associated with it which would override the default settings found in it's parent. Not sure what key would be read for Scan32 or Scan64. Unless there is an undocumented command line option, I don't know of any way to change the ArtemisLevel.
What would be the difference that intiating it via command line? Probably commandline is how EPO is initiating or the client is initiating a scan anyways.
I think that ePO simply initiates the 'Task' where all of the parameters are defined in the registry. No need for complicated command lines this way. This way all ePO needs to know is the GUID of the task. Changing the settings can be done as registry entry changes to that task. ePO simply initiates each task with whatever registry entries define that task.
I don't know of any simple answer for changing the ArtemisLevel for Scan32 or Scan64.