Real-time scanning settings

The settings available on the Settings > Real-time scanning page are described here.

To enable real-time scanning, select Real-time scanning enabled. To disable real-time scanning, clear Real-time scanning enabled.

The following options are available for selecting what to scan:

All Files
All files will be scanned, regardless of their file extension. This option is not recommended for general use because it might slow down the system performance considerably.
Files with These Extensions
Files with specified extensions will be scanned. To specify files that have no extension, type .. You can use the wildcard ? to represent any letter. Enter each file extension separated by a space. This option is recommended for real-time protection. New file extensions are also added to the list automatically when the virus definition databases are updated.
Enable excluded extensions
You can specify whether some files will not be scanned, and enter the extensions that will be excluded from scanning in the Excluded extensions field. This is most useful when scanning is set to All Files.
Enable excluded objects
Excluded objects are individual files or folders, which are normally set locally. They can also be set from Policy Manager Console by right-clicking the Enable excluded objects check box and selecting Locate in Advanced Mode.
Scan network drives
Select this check box to scan files that you access on network drives.
Important: In Client Security the Scan network drives setting is turned off by default.
Scan when created or modified
Normally files are scanned when they are opened for reading or executing. When a file is opened for writing, or a new file is created, and this setting is selected, the file is also scanned when it is closed. With this setting enabled, changes in new or modified files are detected immediately when they are closed. This setting is turned on by default and it is recommended to leave it turned on.
Decide action on infection automatically
For Client Security 9 or higher and Anti-virus for Windows Servers 9 or higher, you can select this option to let the program automatically decide what action to take whenever an infection is detected during scanning.

Custom action on infection

If automatic decisions are turned off, you can select the default action that the program will take when an infected file is detected from this drop-down menu. Choose one of the following actions:

Action	Definition
Ask after scan	Starts the Disinfection Wizard when an infected file is detected.
Disinfect automatically	Disinfects the file automatically when a virus is detected.
Rename automatically	Renames the file automatically when a virus is detected.
Delete automatically	Deletes the file automatically when a virus is detected. Note that this option also deletes the file the virus is attached to, so this option is not recommended.
Report only	Indicates that a virus is found, and does not let you open the infected object. This option only reports the virus, but does not take any action against it.
Quarantine automatically	Moves the infected file automatically into the Quarantine repository.

Protect the "Hosts" file
When turned on, the "Hosts" file will be protected against modifications by spyware. Some malware may try to use this file to substitute the IP address of a well-known DNS name with the IP address of a malicious web site.
Scan for tracking cookies
When this setting is turned on, tracking cookies will be detected. Real-time scanning will only detect tracking cookies that are stored on disk, not cookies that are only stored in the web browser's cache. Manual scanning will detect cookies stored both on disk and in the web browser's cache.

File extension handling

Client Security has a list of included extensions defined in the policy (this can be ‘all files’). Included extensions can also be part of a virus definitions update. These included extensions are first combined by Client Security, and then any excluded extensions are removed from that list to determine the actual list of files to scan. This applies to real-time scanning, manual scanning and e-mail scanning.