DTAM153 - McAfee VirusScan On-Access Scanner All Processes settings must be configured to not exclude any files from being scanned unless exclusions have been documented with, but also be approved by the ISSO/ISSM/AO.

Information

When scanning for malware, excluding specific files will increase the risk of a malware-infected file going undetected. By configuring antivirus software without any exclusions, the scanner has a higher success rate at detecting and eradicating malware.

Solution

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
On the menu bar, click Task->On-Access Scanner Properties.
Select All Processes.

Under the Exclusions tab, locate the 'What not to scan:' label. Remove any exclusions listed.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_McAfee_VirusScan88_Local_Client_V6R1_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3c.1., CAT|II, CCI|CCI-001242, Rule-ID|SV-243427r722620_rule, STIG-ID|DTAM153, STIG-Legacy|SV-55284, STIG-Legacy|V-42556, Vuln-ID|V-243427

Plugin: Windows

Control ID: b54481d1056c762a9d74d69c60978345103d8e42bb60e06be852899060de8271