Details
Malware may have infected a file that is necessary to the user. By configuring the antivirus software to first attempt cleaning the infected file, availability to the file is not sacrificed. If a cleaning attempt is not successful, however, deleting the file is the only safe option so as to ensure the malware is not introduced onto the system or network.
Solution
From the ePO server console System Tree, select the Systems tab, select the asset to be checked, select Actions, select Agent, and select Modify Tasks on a Single System. From the list of available tasks in the Task Name column, with the assistance of the ePO SA, identify the weekly on demand client scan task. In the same row as the client scan task under review, under the Task Type column, ensure it is an ‘On Demand scan’ and in the Status column, ensure that the status is ‘Enabled’. In the Task Name column, select the weekly on demand task. Under the Actions tab, locate the ‘When a threat is found:’ label. From the ‘Perform this action first:’ pull down menu, select ‘Clean files’. Select Save.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.
References
- 800-53|SI-3c.2.
- CAT|II
- CCI|CCI-001243
- Rule-ID|SV-55203r3_rule
- STIG-ID|DTAM056
- Vuln-ID|V-6616