Endpoint Protection

 View Only

  • 1.  Action invalid what is the def of this?

    Posted Dec 21, 2009 12:00 PM
    i know actions like quarntended etc but what is action invalid?


  • 2.  RE: Action invalid what is the def of this?

    Posted Dec 21, 2009 12:07 PM

    Do you get the following message?.

    The action type is invalid (0x12020000)

    In case you get some other error message please paste the screenshot of the same


  • 3.  RE: Action invalid what is the def of this?
    Best Answer

    Posted Dec 21, 2009 12:08 PM
    it means

    Action invalid

    View events where the action taken was invalid. These risks may still be present on the computer.

    Action taken

    Specifies the action taken that you want to view information about.

    Select one of the following actions:

    • All

    • Access denied

      View events where Auto-Protect prevented a file from being created.

    • Action invalid

      View events where the action taken was invalid. These risks may still be present on the computer.

    • All actions failed

      View events where both the primary action and the secondary action that is configured for the risk cannot be carried out for some reason.

    • Cleaned

      View events where the software cleaned a virus from the computer.

    • Cleaned by deletion

      View events where the action configured was "clean," but a file was deleted because that was the only way to clean it. For example, this action is generally needed for Trojan horse programs.

    • Cleaned or macros deleted

      View events where a macro virus was cleaned from a file either by deletion or some other means. This action applies only to events that have been received from computers running Symantec AntiVirus 8.x or earlier versions.

    • Deleted

      View events where the software deleted an object, such as a file or a registry key, to remove a risk.

    • Excluded

      View events where users chose to exclude a security risk from detection. For example, this action can occur when a user is prompted for permission to terminate a process.

    • Left alone

      View events where a risk was left alone. This action can occur if the first configured action is Leave alone. It also occurs if the second configured action was Leave alone and the first configured action was not successful. This action may mean that a risk is active on the computer.

    • No repair available

      View events where a risk was detected but no repair is available for the side effects of this risk.

    • Partially repaired

      View events where Symantec Endpoint Protection cannot completely repair the effects of a virus or security risk.

    • Pending repair

      View events where a user still needs to take action to complete the remediation of a risk on a computer. This action may occur if a user hasn't responded to a prompt to terminate a process, for example.

    • Process terminated

      View events where a process had to be terminated on a computer to mitigate a risk.

    • Process termination pending restart

      View events where a computer needs to be restarted to terminate a process to mitigate a risk.

    • Quarantined

      View events where Symantec Endpoint Protection quarantined a virus or a security risk.

    • Suspicious

      View the events where a TruScan Proactive Threat Scan detected a potential risk but has not remediated it. The scan did not remediate the risk either because it cannot or because you have configured it to only log detections.
      view page 100 of the help file in the help and support of symantec manager
     


  • 4.  RE: Action invalid what is the def of this?

    Posted Dec 21, 2009 12:12 PM
    See Realtime Statistacs page 13 -
    http://computing.wayne.edu/techsup/symantec7-doc/ERRMSGS.PDF

    Invalid action - An unsupported action was set to occur on
    infected files.

    I hope this was helpful.

    Thomas