Product guide

Detection Type / Scenarios

If the rule blocked the violation but did not report the violation in the log file, select
the Report option for the rule.
If the rule blocked the violation and reported it in the log file, no action is necessary.
If you find an unwanted process that was not detected, edit the rule to include it.

Legitimate processes:
If the rule reported the violation in the log file but did not block the violation, deselect
the Report option for the rule.
If the rule blocked the violation and reported it in the log file, edit the rule to exclude
the legitimate process.
Buffer overflow detections
When a buffer overflow detection occurs:
- The scanner blocks the detection.
- A message is recorded in the On-Access Scan Messages dialog box. View the dialog box,
  then decide whether to take any of these additional actions:
  - Remove the message — Select the item in the list, then click Remove.
  - Create an exclusion — If the detected process is one that you legitimately use or a false
    positive, create an exclusion using the information in the On-Access Scan Messages
    dialog box. Review the information in the Name column to determine the name of the
    process that owns the writable memory that is making the call. Use the process name
    to create an exclusion.
  - Submit a sample to Avert Labs for analysis — If the scanner detects something that you
    think it should not detect or does not detect something that you think it should, you can
    send a sample to Avert Labs.
Unwanted program detections
The on-access, on-demand, and email scanners detect unwanted programs based on the
Unwanted Programs Policy you configured. When a detection occurs, the scanner that
detected the potentially unwanted program applies the action that you configured on the Actions
tab for that scanner.
Review the information in the log file, then decide whether to take any of these additional
actions:
- Fine-tune scanning items to make your scans more efficient.
- If a legitimate program was detected, you can exclude it from detection.
- If an unwanted program was not detected, you can add it to the user-defined detection list.
- Submit a sample to Avert Labs for analysis — If the scanner detects something that you
  think it should not detect or does not detect something that you think it should, you can
  send a sample to Avert Labs.
Responding to Detections
McAfee VirusScan Enterprise 8.7i