0 Replies Latest reply on Nov 2, 2014 5:48 PM by shaunl

    ePO 5.1 Virus Detection Automatic Responses with MOVE

    shaunl

      We have just implemented MOVE 3.5 Agentless for our VMware virtual servers and need a bit of assistance with automatic response configuration.

       

      Below is a copy of one of the automatic responses that we have received and, as you can see, it is found by the MOVE virtual appliance. I want to get the automatic response to show which virtual server the malware was found on, not the MOVE appliance. Has anyone done this before?

       

      34426 Malware detected access denied.

      Threat Information

           Response Name: Malware detected and handled

           Threat Severity: Alert

           Threat Type: Trojan

           Target Filename: C:\Documents and Settings\username\Local Settings\Temporary Internet Files\Content.IE5\OW36SNA9\membership[1].html

           Threat Name: JS/Redirector.bz

           Number of events: 1

       

      Threat Result:

           Threat Handled: true

           Threat Action: Malware detected access denied.

       

      Computer & User Details

           Username:

           System Hostname: sva-hostname

           System Location: GlobalRoot\Directory\McAfee MOVE

           Reference IP Address: xx.xx.xx.xx

           OS Type: Linux

       

      McAfee Details:

           Scanned By: OAS

           VSE Version: MOVE AV Agentless 3.5.0

           DAT Version: 7610.0000

           Engine Version: 5600.1067