SEP 12 Actual Action "Moved Back"
Reviewing our logs, I've found a virus alert that SEP12 has the Actual Action listed as "Moved Back". I've found reference to this in the Actual Action Schema (ActualAction_9 = Moved back) but I cannot determine what this means in simple terms.
We are reviewing these events to determine if SEP12 has effectively mitigated the file in question or additional actions would need to be taken (such as with the Actual Action "Left Alone").
Any help or guidance would be much appreciated.