McAfee TSA00M005PAA Processor Guide - Page 64

Using Virus and Spyware Protection How detections are handled How detections are handled The type of threat and the policy settings determine how virus and spyware protection handles a detection. Items with detections Files and programs Items with detections Items with detections Registry keys and cookies Registry keys and cookies How virus and spyware protection handles the detections Virus detections: Virus and spyware protection attempts to clean the file. If it can be cleaned, the user is not interrupted with an alert. If it cannot be cleaned, an alert appears, and the detected file is deleted. A copy is placed in the quarantine folder. Potentially unwanted program detections: In Protect mode, Hdreoeswtpeocvtniiosreun.ss aarnedclsepanyewdaorredperleotteedc.tIinonPrhoamnpdtlmesodthe,eudseertsemctuiostnsselect the In all cases, a backup copy of the original item is saved in a quarantine Hfoolwderv,iirnuas parnodprsieptyawryabrienaprryoftoermctaiot.nDhaatandfolresallthacetidvietyteisctuioplnosaded to tIhneaSlleccausreitsy,Caenbtaecrkufopr cuospeyinofrethpeorotsri.ginal item is saved in a quarantine NfoOldTeEr,: iFnilaesparoreprpielatacreydbinintaortyhfeorqmuaarta. nDtaintae ffoorldaelrl ainctaivfiotyrmisautptlhoaatdiesdntoo ltohnegSeercautrhitryeCaetnttoerthfeorcluiesnetincormeppourttesr.. It is not necessary to view or delete tNhOeTmE,:bFuilteysoaurempiglahcteodcicnatsoiotnhaellqyuwaaranntttinoedfoolsdoe.rIinn tahefosremsaittutahtaiotniss,nyoou mlonugsterviaewthrfeileast toonththeeclcieliennt tcocommppuutetre.rItbiys unsoitngnetcheessQaurayrtaonvtiineewVoirewdeelre. te Othnelmy u, sbeurts yloogugmedigohnt aosccaansaiodnmailnlyiswtraantotrtcoadnoacscoe.sIsnththeeQseuasriatunatitnioenVsi,eywoeur. mAfutesrt 3vi0ewdafyilse,sthoenstehefileclsieanrtecdoemleptuetde.r by using the Quarantine Viewer. Only users logged on as an administrator can access the Quarantine Viewer. ADfetteerc3ti0ondsaiynsit,iathllyesaeppfieleasr aarseDdeetleetcetde.d. Cleaning detected files also cleans their associated registry keys and cookies. Their status is then reported aDsetCelcetiaonnesdin.itially appear as Detected. Cleaning detected files also cleans their associated registry keys and cookies. Their status is then reported as Cleaned. Spyware protection mode and detections Spyware protection monitors programs that attempt to install or run on client computers. When it detects an unrecognized program, it either allows or blocks it. The response is based on the spyware protection mode selected in the policy assigned to the client computer. In this mode... Spyware protection does this... Protect In this mode... Checks the list of allowed and blocked programs created by the administrator for computers uSspinygwtahreepporliocyt.eIcfttiohen pdrooegrsatmhiiss.n..ot on the list, spyware protection blocks the potentially Protect uCnhwecaknstethdeplirsotgorfamall.owed and blocked programs created by the administrator for computers Prompt Cushiencgktshtehepolilsictyo. fIfatphperopvreodgraanmdisblnoockt eodn pthroeglrisatm, sspcyrweaatreedpbroytethcteioandbmloinciksstrathtoerpfootrentially cuonmwapnutteedrspursoignrgamth.e policy. Checks the list of programs the user has approved. If the Prompt cpCthorheomegcdprkeaustmteetchritsseiounlnisosittannoogdnftahaepeliltpohprweoorsvliecltiysdh.te,aCsnuhpdseyecbwrklaostorctekhsepeedlreloipcsttterocoagtfirropaenmsropdsgoisrncaprsmleeaa.ystsTethhdaeispburysosetmethtreipnhtgaawdsismitahtipnhipiensrftodorvaeremtfoadaru.tlfIitoof. rnthaebout Report pCrhoegcrkasmthise nliostt oonf aepitphreorvelisdt,asnpdywblaorcekepdropterocgtiroanmdsiscprleaaytseda pbryotmheptawdmithiniinsftorarmtoartfioonr about cthoemdpeutteecrtsiounsianngdthaellopwoslictyh.eIfutsheer tporosgerleacmt aisrneostpoonnsteh.eTlhisist,siet tsteinngdsisinthfoermdeaftaiuonlt.about Report tChheecpkostetnhteiallilsyt uonf wapapnrtoevdepdroagnrdamblotcoktehdepSreocgurarimtysCecrnetaetreadnbdytathkeesandomaindisdtirtaiotnoar lfoarction. computers using the policy. If the program is not on the list, it sends information about For all modes, detectiothnespaortenrtieapllyourtnewdanttoedthpreogSraemcutroittyhCe eSnectuerri,tywCehneterreaynodutackeasnnvoiaedwditiinonfoarl macatiotino.n about them in reports. NOTE: To prevent popup prompts from appearing on client computers when potentially unwanted programs are detected, and for highest security, we recommend using Protect mode. Mode Behavior of virus and spyware protection 64 McAfee Total Protection Service Product Guide MReopdoert B• ehaUvsieorrs oafrevinroutsparonmdpstpedywabaoruetpdreotteectcitoinosn. Report •• UDseetersctaiorensnaorteprreopmoprtteedd taobothuet dSeetceucrtiitoynCse.nter.