Networked Computers > Global Client Settings
Configure the settings.
Virus/Malware scan settings. MORE >>
Configure scan settings for large compressed files: OfficeScan checks the file size and virus/malware count limit to determine whether to scan individual files contained in a compressed file.
Do not scan files in the compressed file if the size exceeds __ MB: OfficeScan does not scan any file that exceeds the limit.
Stop scanning after OfficeScan detects __ viruses/malware in the compressed file: When OfficeScan already detected the specified number of viruses/malware, it stops scanning the remaining un-scanned files in the compressed file. A large number of viruses/malware detected on a compressed file poses a huge threat and renders the file unsafe to access. Consider deleting the compressed file manually instead of letting the Virus Scan Engine take action on each of the infected files contained in the compressed file.
Clean compressed files: The scan action for viruses/malware detected on compressed files is "Clean".
Scan up to __ OLE layer(s): Object Linking and Embedding (OLE) allows users to create objects with one application and then link or embed them in a second application.
Add Manual Scan to the Windows shortcut menu on client computers: Enabling this option allows users to scan files and folders by right-clicking a file or folder on the Windows desktop or in Windows Explorer and clicking Scan with OfficeScan Client.
Exclude the OfficeScan server database folder from Real-time Scan: By default, OfficeScan does not scan its own database. Trend Micro recommends retaining this setting to prevent any possible corruption of the database that may occur during scanning.
Exclude Microsoft Exchange server folders from scanning: OfficeScan does not scan Microsoft Exchange 2000/2003 server folders for viruses/malware during Manual Scan, Real-time Scan, Scheduled Scan and Scan Now. If you have both Antivirus and Web Threat Protection services activated, enabling this option also does not scan Microsoft Exchange folders for spyware/grayware during Real-time Scan.
Note: For Microsoft Exchange 2007 folders, you need to manually add the folders to the scan exclusion list in Networked Computers > Client Management > Settings > {Scan Type} > Scan Exclusion. See http://technet.microsoft.com/en-us/library/bb332342.aspx for scan exclusion details.
Spyware/Grayware scan settings. MORE >>
Enable assessment mode: Learn more about assessment mode.
Scan for cookies: OfficeScan does not scan cookies by default. Select this option if you consider cookies in your networked computers as potential security risks.
Firewall log settings. MORE >>
You can grant certain clients the privilege to send firewall logs to the OfficeScan server. You can configure the log sending schedule in this section. Only clients with the privilege to send firewall logs will use the schedule.
Alert settings. MORE >>
OfficeScan can display notifications during the following instances:
If the Virus Pattern remains outdated after a certain number of days
If client users need to restart their computers to load a kernel mode driver: After installing a hot fix or an upgrade package that contains a new version of an OfficeScan kernel mode driver, the driver's previous version may still exist on the computer. The only way to unload the previous version and load the new one is to restart the computer. After restarting the computer, the new version automatically installs and no further restart is necessary. The notification message displays on the client computer after installing the hot fix or upgrade package.
Reserved disk space and Watchdog settings. MORE >>
Watchdog service: Restarts the OfficeScan client immediately if it terminates unexpectedly, which may happen if the client is under attack by a hacker. MORE >>
Malicious programs known as retro-viruses, like WORM_KLEZ.h, retaliate against antivirus solutions by shutting down key antivirus processes and deleting some files used by an antivirus solution. This enables them to infect using an old virus, hence the name "retro-virus". The OfficeScan client watchdog service (OfcDog.exe) protects the status of the OfficeScan client by doing the following:
Monitoring the status of OfficeScanNT RealTime Scan (NtRtScan.exe) and OfficeScan NT Listener (TmListen.exe)
If these OfficeScan processes are not running and were not stopped by a normal system process, the watchdog service restarts them. It also writes an event log on the client computer and sends the log to the server.
Locking all .exe and .dll files in the OfficeScan client directory to prevent other programs and even the user from modifying or deleting them
The Watchdog service is, by default, randomly named to help prevent other programs from terminating it.
Anti-hacking mode: Gives the Watchdog service a random name. This helps prevent any security risk from identifying the service and terminating it.
Reserve { } MB of disk space for updates: Allocates a certain amount of client disk space for hot fixes, pattern files, scan engines, and program updates. OfficeScan reserves 60MB of space by default.
Network virus log consolidation. MORE >>
Clients send only network virus logs once every hour.
Virus/Malware log bandwidth settings. MORE >>
Select the check box to have OfficeScan consolidate virus log entries when it detects multiple infections from the same virus/malware over a short period of time. OfficeScan may detect a single virus/malware multiple times, quickly filling the virus/malware log and consuming network bandwidth when the client sends log information to the server. Enabling this feature helps reduce both the number of virus/malware log entries made and the amount of network bandwidth clients consume when they report virus log information to the server.
Proxy configuration. MORE >>
Manually configuring proxy settings may be a complicated task for many end users. Use automatic proxy settings to ensure that correct proxy settings are applied without requiring any user intervention.
When enabled, automatic proxy settings are the primary proxy settings when clients update components either through automatic update or Update Now.
If clients cannot connect using the automatic proxy settings, client users with the privilege to configure proxy settings can use user-configured proxy settings. Otherwise, connection using the automatic proxy settings will fail.
Note: Proxy authentication is not supported.
Automatically detect settings: Automatically detects the administrator-configured proxy settings by DHCP or DNS.
Use automatic configuration script: Uses the proxy auto-configuration (PAC) script set by the network administrator to detect the appropriate proxy server.
Client grouping. MORE >>
This option groups clients in the client tree by NetBIOS, Active Directory or DNS domain.
Click Save.