SecureAnywhere may sometimes detect a file that seems legitimate, but also exhibits questionable behavior. In these cases, it classifies the file as Undetermined.
To locate files that SecureAnywhere classified as Undetermined on the last scan, generate the Endpoints with Undetermined Software on Last Scan report. You can select an endpoint to drill down for more details about the files.
To generate the Endpoints with Undetermined Software on Last Scan report:
- In the Endpoint Protection console, click the Reports tab.
- From the Report Type drop-down menu, select Endpoint with undetermined software on last scan.
- To include deactivated and hidden endpoints in the report, select the Include deactivated and hidden checkbox. This is an optional step.
- Click the Submit button.
The report displays in the right pane, displaying all the endpoints.
- To view more details about the undetermined software found, click an endpoint's row to see details in the bottom.
- From this panel, you can select a file and click Create override to reclassify the file as follows:
- Good — Always allow the file to run on the endpoint. Do not detect the file during scans or send it to quarantine. After you select Good, the file is listed in the Overrides tab with Good as the Manual Determination, but the Cloud Determination remains Undetermined.
- Bad — Always send the file to quarantine when detected during scans. After you select Bad, the file is listed in the Overrides tab with Bad as the Manual Determination, but the Cloud Determination remains Undetermined.
You can also select whether you want to apply this override to all policies or selected policies, so you don't need to create this override again on other endpoints.
- To display or hide additional data for the report, click a column header to display the drop-down menu, then select checkboxes to add, or remove columns.