Manualshelf

Product guide

ManualsBrandsMcAfee ManualsCamcorderVIRUSSCAN 8.7I
21222324252627282930
Scanning comparison: writing to disk vs. reading from disk
The on-access scanner treats scans differently depending on whether the user is writing to disk
or reading from disk.
When files are being written to disk, it scans these items:
Incoming files being written to the local hard drive.
Files being created on the local hard drive or a mapped network drive (this includes new
files, modified files, or files being copied or moved from one drive to another).
When files are being read from disk, it scans these items:
Outgoing files being read from the local hard drive. Select On network drives on the Scan
Items tab to include remote network files.
Any file being executed on the local hard drive.
Any file opened on the local hard drive.
Any file being renamed on the local hard drive, if the file properties have changed.
Scanning comparison: scanning all files vs. scanning default +
additional file types
The on-access scanner treats scans differently depending on whether it is configured to scan
all files or to scan default plus additional file types.
When scanning All files, the scanner scans every file type for all possible threats.
When scanning Default + additional file types, the scanner examines a specific list of files
based on the file types you select.
Default file types: the scanner examines the specified file type only for threats that attack
that file type. For example, when scanning an XLS file, the scanner scans XLS files for threats
that attack XLS files, such as macros. The scanner does not scan the XLS files for threats
like PE (portable executable) infectors or even the EICAR test file. If the XLS file is renamed
to that different file type, the scanner scans the renamed file for the threats that affect the
newly named file type.
Additional file types: the scanner scans the file type for all possible threats, as it does for
All files.
Script scanning and how it works
The script scanner operates as a proxy component to the real Windows scripting host component.
It intercepts scripts, then scans them before they are executed.
If the script is clean, it is passed on to the real scripting host component.
If the script contains a potential threat, the script is not executed.
The script scanner loads into the process that’s running the script, so if that process crashes,
you see ScriptProxy.dll and Mytilus.dll in its memory space. It loads the DAT file and scan engine
too, which significantly increases the memory footprint of that process.
Scanning Items On-Access
Script scanning and how it works
McAfee VirusScan Enterprise 8.7i30