Checking the scan action and rescanning the identified computers

Article:HOWTO80991  |  Created: 2012-10-24  |  Updated: 2014-09-21  |  Article URL http://www.symantec.com/docs/HOWTO80991
Article Type
How To


Subject


Checking the scan action and rescanning the identified computers

If you have infected and at-risk computers, you should identify why the computers are still infected or at risk. Check the action that was taken for each risk on the infected and at risk computers. It may be that the action that was configured and taken was Left Alone. If the action was Left Alone, you should either clean the risk from the computer, remove the computer from the network, or accept the risk. For Windows clients, you might want to edit the Virus and Spyware Protection policy and change the scan action.

See Remediating risks on the computers in your network

To identify the actions that need to be changed and rescan the identified computers

  1. In the console, click Monitors.

  2. On the Logs tab, select the Risk log, and then click View Log.

    From the Risk log event column, you can see what happened and the action that was taken. From the Risk Name column, you can see the names of the risks that are still active. From the Domain Group User column you can see which group the computer is a member of.

    If a client is at risk because a scan took the action Left Alone, you may need to change the Virus and Spyware Protection policy for the group. In the Computer column, you can see the names of the computers that still have active risks on them.

    See Changing the action that Symantec Endpoint Protection takes when it makes a detection.

    If your policy is configured to use Push mode, it is pushed out to the clients in the group at the next heartbeat.

    See How the client computers get policy updates.

  3. Click Back.

  4. On the Logs tab, select the Computer Status log, and then click View Log.

  5. If you changed an action and pushed out a new policy, select the computers that need to be rescanned with the new settings.

  6. In the Command list box, select Scan, and then click Start to rescan the computers.

    You can monitor the status of the Scan command from the Command Status tab.


Legacy ID



v45241999_v81626096


Article URL http://www.symantec.com/docs/HOWTO80991


Terms of use for this information are found in Legal Notices