Checking the scan action and rescanning the identified computers
If you have infected and at-risk computers, you should identify why the computers are still infected or at risk. Check the action that was taken for each risk on the infected and at-risk computers. It may be that the action that was configured and taken was Left Alone. If the action was Left Alone, you should either clean the risk from the computer, remove the computer from the network, or accept the risk. For Windows clients, you might want to edit the Virus and Spyware Protection policy and change the scan action. See:
- To identify the actions that need to be changed and rescan the identified computers
- In the console, clickMonitors.
- On theLogstab, select the Risk log, and then clickView Log.From the Risk log event column, you can see what happened and the action that was taken. From the Risk Name column, you can see the names of the risks that are still active. From the Domain Group User column you can see which group the computer is a member of.If a client is at risk because a scan took the actionLeft Alone, you may need to change the Virus and Spyware Protection policy for the group. In theComputercolumn, you can see the names of the computers that still have active risks on them. See:If your policy is configured to use push mode, it is pushed out to the clients in the group at the next heartbeat. See:
- On theLogstab, select the Computer Status log, and then clickView Log.
- If you changed an action and pushed out a new policy, select the computers that need to be rescanned with the new settings.
- In theCommandlist box, selectScan, and then clickStartto rescan the computers.You can monitor the status of the Scan command from theCommand Statustab.