0 Replies Latest reply on Sep 24, 2015 9:08 PM by marcrogers

    Cloud ePo trial (ePo 5.4.0) not deleting threats

    marcrogers

      Hi

       

      I am trying out the cloud version of ePo for my organization.

       

      The initial deployment seemed to go fine, I activated the cloud account, instructed it to deploy to a test laptop and an hour later it completed the task. But.....

       

      1)The endpoint security for mac software failed to do its initial scan

       

      2) It does  find the malware I put for a test on my system, but fails to delete it. This is despite the configuration being clearly set to "delete".

      Note: There is no reason it shouldnt be able to delete the file - here are the the permissions for the sample: -rw-r-----  1 marc  staff  25576 Sep 15 09:55 Sara_Olivia_resume.doc

       

      2) is clearly a showstopper for us. not much point in endpoint protection that has no teeth.

       

      Looking in the logs all is see is the following:

      Sep 24 18:59:54 162-245-22-170.v250d.PUBLIC.monkeybrains.net McAfee: [91]: Info: LogTime: 2015-Sep-24 18:59:54 AVAS: PID: 96 : Infection found: /Users/marc/Desktop/Malware & Phishing/Resume Malware/uncompressed/Sara_Olivia_resume.doc is infected with  Downloader-FAYF!D7807D673CAE, type of infection is Trojan, accessed by Finder, action taken is Delete failed.

       

      This is duly reported up to the ePo which keeps reporting over and over again that there is an infection.

       

      Any suggestions? I have tried enabling debug logging but it doesn't seem to tell me anything additional.

       

       

       

      Marc