Installation manual
49
4.1.1.1.1 Media to scan
By default, all types of media are scanned for potential threats.
Local drives – Controls all system hard drives
Removable media – Diskettes, USB storage devices, etc.
Network drives – Scans all mapped drives
We recommend that you keep the default settings and only modify them in specific cases, such as when scanning
certain media significantly slows data transfers.
4.1.1.1.2 Scan on (Event-triggered scanning)
By default, all files are scanned upon opening, creation or execution. We recommend that you keep the default
settings, as these provide the maximum level of real-time protection for your computer.
The Diskette access option provides control of the diskette boot sector when this drive is accessed. The Computer
shutdown option provides control of the hard disk boot sectors during computer shutdown. Although boot viruses
are rare today, we recommend that you leave these options enabled, as there is still the possibility of infection by a
boot virus from alternate sources.
4.1.1.1.3 Advanced scan options
More detailed setup options can be found under Computer protection > Antivirus and antispyware > Real-time
system protection > Advanced setup.
Additional ThreatSense parameters for newly created and modified files – The probability of infection in
newly-created or modified files is comparatively higher than in existing files. That is why the program checks these
files with additional scanning parameters. Along with common signature-based scanning methods, advanced
heuristics are used, which greatly improves detection rates. In addition to newly-created files, scanning is also
performed on self-extracting files (.sfx) and runtime packers (internally compressed executable files). By default,
archives are scanned up to the 10th nesting level and are checked regardless of their actual size. To modify archive
scan settings, deselect the Default archive scan settings option.
Additonal ThreatSense.Net parameters for executed files – By default, advanced heuristics are not used when
files are executed. However, in some cases you may want to enable this option (by checking the Advanced
heuristics on file execution option). Note that advanced heuristics may slow the execution of some programs due
to increased system requirements.
4.1.1.2 Cleaning levels
Real-time protection has three cleaning levels. To select a cleaning level, click the Setup... button in the Real-time
file system protection section and then click the Cleaning branch.
The first level, No cleaning, displays an alert window with available options for each infiltration found. You must
choose an action for each infiltration individually. This level is designed for more advanced users who know which
steps to take in the event of an infiltration.
The default level automatically chooses and performs a predefined action (depending on the type of infiltration).
Detection and deletion of an infected file is signaled by a message located in the bottom right corner of the
screen. Automatic actions are not performed when the infiltration is located within an archive (which also
contains clean files) or when infected objects do not have a predefined action.
The third level, Strict cleaning, is the most “aggressive” – all infected objects are cleaned. As this level could
potentially result in the loss of valid files, we recommend that it be used only in specific situations.