Product guide
• For Microsoft Windows XP, Microsoft Vista, Microsoft 2000 Server, Microsoft 2003 Server,
and Microsoft 2008 Server — C:\Documents and Settings\All Users\Application
Data\McAfee\DesktopProtection
• For Microsoft Windows 7 — C:\ProgramData\McAfee\DesktopProtection
Table 1: Log files
DisplaysHow to accessFile name
Date, time, event, user,
and name of file.
In the Task column, click Access Protection |
Reports tab, and click View Log.
AccessProtectionLog.txt
Date, time, what
executable caused the
In the Task column, click Buffer Overflow
Protection | Reports tab, and click View Log.
BufferOverflowProtectionLog.txt
overflow, and if it was a
stack or heap overflow.
Date, time, path to the
mirror files, and any
additional information.
MirrorLog.txt
• For Microsoft Windows XP, Microsoft Vista,
Microsoft 2000 Server, Microsoft 2003 Server,
and Microsoft 2008 Server — C:\Documents and
Settings\All Users\Application
Data\McAfee\DesktopProtection
• For Microsoft Windows 7 —
C:\ProgramData\McAfee\DesktopProtection
Date, time, detected
malware, what action was
In the Task column, click On-Access Scanner |
General Settings | Reports tab, and click View
Log.
OnAccessScanLog.txt
taken, and what was
found.
Date, time scan occurred,
any action performed, to
From the menu, click Task | View Log.
OnDemandScanLog.txt
what file, and what was
found.
Date, time update
occurred, who initiated
UpdateLog.txt
• For Microsoft Windows XP, Microsoft Vista,
Microsoft 2000 Server, Microsoft 2003 Server,
the update, and anyand Microsoft 2008 Server — C:\Documents and
information about the
update.
Settings\All Users\Application
Data\McAfee\DesktopProtection
• For Microsoft Windows 7 —
C:\ProgramData\McAfee\DesktopProtection
Running an example query
Run a simple query to determine how many threats were detected per week on your managed
systems. This query is just an example. The queries you run or configure depend on the
information you want to retrieve from the ePolicy Orchestrator database.
Task
For option definitions, click ? in the interface.
1 Use one of the following to run a simple ePolicy Orchestrator query:
• ePolicy Orchestrator 4.5 or 4.6 — Click Menu | Reporting | Queries, scroll down to
the VSE: Threats Detected per Weeks query, and click Run.
• ePolicy Orchestrator 4.0 — Click Reporting | Queries, scroll down to the VSE: Threats
Detected per Weeks query, and click Run.
2 If any threats were detected, the query output display shows the following:
• A bar chart with the number of threats and in which weeks they occurred.
Part IV - Monitoring, Analyzing, and Fine-Tuning Your Protection
Monitoring activity in your environment
85McAfee VirusScan Enterprise 8.8 Product Guide