Bypassing McAfee Anti-Virus
SniperSpy should not be deployed remotely when Mcafee VirusScan or Mcafee Internet Security is installed on the remote computer. Mcafee is designed to alert users about hidden software. Therefore it will show up as a PUP (Potentially Unwanted Program). It is possible to make Mcafee "Trust" the PUP, but you need to adjust some Mcafee settings while sitting at the computer to be monitored.
Additionally, if your Mcafee has a firewall then it will detect the upload to the internet after about 15 minutes. You would need to "Grant Access" to the snhost.exe file of our program. The steps below help you perform the items in these two paragraphs.
However, even if you perform the steps below, Mcafee will still show these files during a *manual* scan. If you dont want those two programs show up as PUP, while scanning manually, then uncheck the option "scan for potentially unwanted programs" under scan options. According to Mcafee there is no way to avoid this.
Also, most Mcafee software stops Windows XP Limited Users from being able to access the registry. This causes most applications, including ours, to be unable to perform when a limited user is logged in. You can either make the user an admin user OR see the following solution to Mcafee detection.
Want Another Solution to the Mcafee Detection? Click Here
Listed below are step-by-step instructions of how to adjust Mcafee VirusScan and Mcafee Internet Security as much as possible. You should create your module from your home computer and place the module on a floppy or CD to have it ready once you are at your remote PC.
IMPORTANT NOTE: DO NOT TURN ON THE ANTI-VIRUS BLOCKER WHEN CREATING YOUR MODULE.
1. At your remote computer, execute the module file from the floppy or CD.
2. If a message from Mcafee pops up, click "TRUST THIS PUP".
3a. If you have Windows XP, perform a manual virus scan for C:\Documents and Settings\All Users\Application Data\COMPUTERNAME\ folder and click "TRUST THIS PUP" for the PUPs related to our software.
3b. If you have Windows Vista, perform a manual virus scan for C:\ProgramData\COMPUTERNAME\ folder and click "TRUST THIS PUP" for the PUPs related to our software.
NOTE: "COMPUTERNAME" should be replaced with your computer's actual name as found in My Computer.
4. If you have the Mcafee Firewall or Mcafee Internet Security, then five to fifteen minutes after you install the SniperSpy module, a firewall alert will appear for "snhost" or "taskenv". If it does, then click "Grant Access" as shown below.
5. Reboot. the PC. Then open My Computer to c:\Program Files\COMPUTERNAME\ if you have XP, or c:\ProgramData\COMPUTERNAME\ if you have Vista.
6. Go to VIEW > DETAILS to show each file's FULL filename.
7. Find "taskenv.exe" . Double-click taskenv.exe to execute it in case the startup entry got erased.
IMPORTANT NOTE: Mcafee will again detect these files when doing a manual scan. If you dont want those two programs show up as PUP, while scanning manually uncheck the option "scan for potentially unwanted programs" under scan options.
Want Another Solution to the Mcafee Detection? Click Here
