Create a ePO query (Threat events) where select Threat Name (Contains) : CRIDEX
If any machine infected with this virus and McAfee detected than it will comes in ePO report.
Follow below steps :
1. New query.
2. Result type as Events > Threat Events
2. Chart as Table
3. Next > Columns (Where you can select required columns as per your requiredment)
4. Next > Filter > and select Threat Name (From Laft side under Available Properties > Threat events) where select Contains and put value as CRIDEX then RUN the query.
To test if query is correct or not, put Threat Name Contains as Generic (Common Threat) and see report is showing some Data than it is correct.
1 of 1 people found this helpful
As per MS Article McAfee will detect as : PWS-Spyeye.de
Edit the query and put threat name as PWS-Spyeye.de, If no events found than your client environment is free from this virus. So no need to run scan on all machines as it is detected by McAfee
Searching for PWS-Spyeye.de also came up with no results, so I guess we are on safe side then. Thank you for your replies.
Moved to Malware Discussion > Corporate User Assistance as a better spot for filing this issue.