Power Eraser does not remediate any detections during a scan because its aggressive detection capability is prone to false positives. You must request remediation for detected events from the logs after you review the detections and decide whether to remediate them or leave them alone. If you choose remediation, Power Eraser removes the files that are associated with the detection. However, you can restore the removed files until the logs are purged.
The log retention policy determines how long Power Eraser events are available. By default, the events are available for 14 days.
Make sure that the Power Eraser analysis completed.
The Computer Status log includes an icon that indicates the scan is complete.
The Scan log shows whether or not Power Eraser finished the analysis.
In the Risk log or on the Scan log > View detections page, select a single detection or multiple detections to which to apply an action.
Next to a particular risk that is labeled Potential risk found (Pending admin action), click the plus icon in the Action column.
Select multiple risks that are labeled Potential risk found (Pending admin action), and then select the action from the Action drop-down menu.
Choose one of the following actions:
Delete risk that Power Eraser detected
Remediates the risk by removing it from the computer. Power Eraser saves a safe backup file that can be restored.
Ignore risk that Power Eraser detected
Acknowledges that you reviewed the detection and do not want to remediate the risk.
This action changes the event action to "Left alone by Admin" in the management console logs only. The acknowledgement does not update the corresponding event action on the client. The client log view continues to show the event action as "Pending analysis."
If you selected an action from the Action drop-down menu, click Apply.
If you selected Ignore risk that Power Eraser detected, the detection now appears as Potential risk found (left alone).
You can restore a removed detection that is labeled Potential risk found (Removed) by selecting the Restore risk that Power Eraser deleted action.
Table: Summary of Power Eraser detection states
Pending admin action
Power Eraser detected the risk as a potential threat. You should review the risk and decide if Power Eraser should remediate the risk or acknowledge the risk and leave it alone.
An administrator restored any files that were moved when an administrator requested that Power Eraser remediate the risk.
An administrator requested that Power Eraser remediate and delete the risk. When Power Eraser deletes a risk, it deletes the files that are associated with the risk but makes safe backup copies that can be restored. You might want to restore a deleted risk that you later determine is not a risk. You can restore the files until the log events are purged.
Left alone by admin
An administrator requested that Power Eraser leave the risk alone.
Subscribing will provide email updates when this Article is updated. Login is required.