Action invalid
Action taken
Specifies the action taken that you want to view information about.
Select one of the following actions:
All
Access denied
View events where Auto-Protect prevented a file from being created.
View events where the action taken was invalid. These risks may still be present on the computer.
All actions failed
View events where both the primary action and the secondary action that is configured for the risk cannot be carried out for some reason.
Cleaned
View events where the software cleaned a virus from the computer.
Cleaned by deletion
View events where the action configured was "clean," but a file was deleted because that was the only way to clean it. For example, this action is generally needed for Trojan horse programs.
Cleaned or macros deleted
View events where a macro virus was cleaned from a file either by deletion or some other means. This action applies only to events that have been received from computers running Symantec AntiVirus 8.x or earlier versions.
Deleted
View events where the software deleted an object, such as a file or a registry key, to remove a risk.
Excluded
View events where users chose to exclude a security risk from detection. For example, this action can occur when a user is prompted for permission to terminate a process.
Left alone
View events where a risk was left alone. This action can occur if the first configured action is Leave alone. It also occurs if the second configured action was Leave alone and the first configured action was not successful. This action may mean that a risk is active on the computer.
No repair available
View events where a risk was detected but no repair is available for the side effects of this risk.
Partially repaired
View events where Symantec Endpoint Protection cannot completely repair the effects of a virus or security risk.
Pending repair
View events where a user still needs to take action to complete the remediation of a risk on a computer. This action may occur if a user hasn't responded to a prompt to terminate a process, for example.
Process terminated
View events where a process had to be terminated on a computer to mitigate a risk.
Process termination pending restart
View events where a computer needs to be restarted to terminate a process to mitigate a risk.
Quarantined
View events where Symantec Endpoint Protection quarantined a virus or a security risk.
Suspicious
View the events where a TruScan Proactive Threat Scan detected a potential risk but has not remediated it. The scan did not remediate the risk either because it cannot or because you have configured it to only log detections. view page 100 of the help file in the help and support of symantec manager