Our installation of KAV Workspace has been configured to send out messages if it finds anything dodgy as the result of a scan. It has in some cases on some PCs...

Is there a way for me to deal with these threats from the admin consol on the server? - I've downloaded some of the PDF user manuals and I can't see where this is detailed...

I am getting messages such as this:



Any help greatly appreciated!

You must create a policy for network agent.

Then you can manage the quarantine or backup.

Under the "Settings" tab of a "Network Agent" policy, you can set;

"Transfer infomration about quarantined objects to the Administraion server", and
"Transfer infomration about the objects in Backup to the Administraion server"

Then in the admin kit, at the bottom of the tree, under "Storages", you can use the "Quarantine" and "Backup" menus to mange anything that has been picked up by the PC's.

I don't think it stores anything on the server, I believe these are just information about what's on the PC's. Deleting them from the admin kit, then deletes them from the actual PC, not the server.

Yes it´s right.

Its only information. The storage of quarantine and backup is local on the clients.

Thanks guys, I've added the policy, I ticked both the storages options and both have appeared at the bottom as someone above said they would. Other than that I kept the options pretty much as default. (I kept screenshots of the policy steps so I can refer to them if needs be)

I've looked down the bottom in the storages section, quarantine looks to be empty and backup has one item.

The two emails I received this morning related to PC '23' and both the same: 'Trojan-Downloader.JS.Iframe.bdl

However, there's nothing from PC 23 in the storage section.

Previous emails I have received concern PCs:

PC 1: 'Trojan.Win32.GoPackages.a'
PC 26: 'Trojan-Clicker.HTML.IFrame.ail'

Why is there nothing in the storages section for 1 and 23? - Could the users have already deleted something / interviened?

I assume I just right click the file for PC 26 in the backup section and click delete?

Then I wait until the next scan and see what it picks up? (We've set it to scan using WOL every morning at the moment, so PCs can get up to date with Windows update!)

Also, as a slight aside - what's the risk of these kind of viruses on these client PCs - on a scale of 1-10 kinda thing, if 1 was don't worry and 10 was 'ultra critical'

Thanks guys.

I'm still getting the identical messages for PC23 - yet there is nothing in the storage section - for this PC or any - is there any reason why something would not be in there?!

Please check which modul found that malware. Is it web-anti-virus?