Detected Threats

  • 4 December 2013
  • 1 reply

The admin console is showing that my PC is infected, last infected december 4th
When clicking on view next to the last infected and under the blocked programs, it doesnt show the december 4th infection, the last infection it shows is from december 2nd.
however when I click on december 4th under endpoints infected in teh last 7 days, i see my PC, and when i click on it i see the last infection.

Why does it now show in the first view? thanks 

Best answer by MikeR 6 December 2013, 17:50

View original

1 reply

Userlevel 7
Have you activated notifications for PUAs within the admin console? If not, you can enable this setting and your reports should reflect PUAs that are removed or that are being flagged as a possible infection.
  1. Log into
  2. Click “Endpoint Protection”
  3. Click the “Policies” tab
  4. You will need to have a custom policy created to modify the setting needed. (If you do not have a custom policy set yet, click “Recommended Defaults” and then click “Copy” at the top of the list. Input a name and description, then click “Create Policy”)
  5. Double click your custom policy to open the settings dialogue
  6. Click “Scan Settings” on the left hand side
  7. The last option in this area is “Detect Possibly Unwanted Applications (PUAs) as malicious” d, click where  it says “Off” at the end, then click the drop down box and select “On”.
  8. Click “Save Changes” and “Promote Draft Changes to Live”
  9. If this policy is not already applied to your end points, click the “Group Management” tab
  10. Place a check next to any affected endpoints, then select “Apply Policy to Endpoints”
  11. Select the newly modified policy from the list and click “Apply”
  12. After the next polling interval, the system will detect and remove PUA files as malicious
Kudos to @ for the exact instructions!