Real-Time Scan

To configure the Real-Time Scan settings:

1. Click Policy on the top.
2. Select the Security Program Policy tab.
3. Click Add > Anti-Malware Policy > V3 Net.
4. To configure the Real-time Protection settings, go to PC Security > Scan Settings > Real-Time Scan, and specify the following fields:

• Enable real-time scan: Select the check box to enable Real-Time Scan.
• When real-time scan is disabled, turn it back on: Select the check box to restart Real-Time Scan after it is turned off, and specify when to restart it.
• Enable behavior watcher: Select the check box to identify new malware and suspicious files dynamically by checking malicious behaviors of the file in real-time.
• Enable reputation-based analysis: Select the check box to identify new malware and suspicious files dynamically by checking the reputation of files in real-time.
• Sensitivity Level: Specify the sensitivity level for Reputation-based Analysis. The sensitivity level is as follows:
• Low: Blocks files that were detected within the last 10 days, are used by less than 100 users, and with the score of suspicious behavior great than 25.
• Medium: Blocks files that were detected within the last 20 days, are used by less than 500 users, and with the score of suspicious behavior great than 10.
• High: Blocks files that were detected within the last 30 days, are used by less than 800 users, and with the score of suspicious behavior great than 0.

Note

Behavior Watcher and Reputation-based Analysis can be enabled only when Real-time Scan is enabled.

• Enable early launch anti-malware protection (For Windows 8 or later only): Checks the boot drivers is changed during boot time. If an unallowed driver is blocked, it will be reported in Event Log. This feature is supported only in Windows 8 or higher.

• Scan selected area before running real-time scan: If this feature is enabled, the most vulnerable areas in a system such as boot sector, memory and processes are scanned before Real-Time Scan starts.
• Boot sector: Scan the boot sector of the drive where Windows is installed. Windows is installed in the C drive in general.
• Memory and processes: Scan the programs and processes running in computer memory. When malware is running, most of them are loaded into memory to infect other programs.

Note

Programs are the files saved in disk and processes are the running programs copied from memory. Thus, when malware is executed, it is highly possible that a process executed by malware is running. The currently running processes can be checked in Windows Task Manager.

• Scan Performance Level: Specify the scan performance level.

• Additional Settings: Select the scan targets.
• Scan for potentially unwanted programs: Scans the program files, which you installed intentionally, but may cause security problems.
• Scan for programs with low reputation: Scans the program that was diagnosed as a program with low reputation.
• Scan the network drive: Scans the network drive.

• Remediation: Specify the repair process when the security threat is detected.
• If a malware is detected: Select whether to ignore or repair the detected security threats.
• Send infected files to Quarantine before repairing or removing: Select the check box to send the infected files to the quarantine.

5. After configuration, click Save. If you want to get back to the default settings, click Default.
6. When the <Add Policy> window appears, select a target to apply the policy.
7. When a confirming message appears, click OK.