How detections are handled

Enforced Client Product Guide	Using the Virus and Spyware Protection Service
	Scanning client computers

To view results of a manual scan:

In the Scan Completed dialog box, click Report to display the Scan Statistics report.

What is in a Scan Statistics report?

The Scan Statistics report opens in the default browser and displays the following information: Date and time the scan was started.

Elapsed time for the scan.

Version of the scanning engine software and DAT file. Date of the last update.

Completion status of the scan. Location of the scanned items.

Status for scanned files, registry keys, and cookies:

Scanned	Number of items scanned.
Detected	The item is still a threat and still resides on the system. For files, they are most
	likely contained within a compressed archive (for example, a .ZIP archive) or on
	write-protected media. For registry keys and cookies, the file it is associated
	with has a status of Detected.
Cleaned	The item was cleaned of the threat. An encrypted backup copy of the original
	item was saved in a quarantine folder, where it can be accessed only with the
	Quarantine Viewer (see Manage quarantined files on page 109).
Deleted	The item could not be cleaned; it was deleted instead. An encrypted copy was
	saved in a quarantine folder, where it can be accessed only with the Quarantine
	Viewer (see Manage quarantined files on page 109).

The type of threat and the policy settings determine how the virus and spyware protection service handles a detection:

Items with detections	How the service handles the detections

Files and programs	Virus detections: The virus and spyware protection service attempts to
	clean the file. If it can be cleaned, the user is not interrupted with an
	alert. If it cannot be cleaned, an alert appears, and the detected file is
	deleted. A copy is placed in the quarantine folder.
	Potentially unwanted program detections: If the virus and spyware
	protection service is set to Protect mode, detections are cleaned or
	deleted. If set to Prompt mode, users must select the response. See
	Select a spyware protection mode on page 100 for details.
	In all cases, an encrypted backup copy of the original item is saved in a
	quarantine folder (see Manage quarantined files on page 109). Data for
	all activity is uploaded to the SecurityCenter for use in reports.

Registry keys and cookies	Detections initially appear as Detected. See Scan for spyware on
	page 93 for instructions on cleaning the detections. Cleaning detected
	files also cleans their associated registry keys and cookies. Their status
	is then reported as Cleaned.

SonicWALL 4.5 manual How detections are handled