I have an automatic response that is supposed to send an email when certain things are found. It emails to one address when threats are handled and to another address when threats are found and are not handled for any reason.
I have received the threats handled emails, but I just ran a manual VSE 8.8 report and found PUPs detected over the last week that were not handled "access denied", but no e-mail notification was sent out even though the on demand scheduled scan is finding the same PUP every night.
The criteria is for the automatic response is:
Threat Category belongs to "Malware detected"
and Threat Handled equals "false"
It is not working, Does something else need to be done to make this detection e-mail repsonse work for PUP?
on 7/31/12 3:15:34 PM CDT
I don't believe a PUP is considered "Malware". You need to look at the details for the PUP detection inside ePO (Menu | Reporting | Threat Event Log) and see what the event category is. I suspect it is not "malware".