Scan All Files on Access

By default, all file are scanned when they are opened or used.

You can configure Trusted Processes as exceptions. When a trusted process accesses a file, the file is not scanned. Exclude a process only if you fully trust it and are sure it is not malware.

You can also select or clear these options:

• Detect Unusual Activity - Use behavior detection methods to protect computers from new threats whose information has not been added to the databases yet. It does not monitor trusted processes.
• Enable Cloud Reputation Services For Files, Web Resources, and Processes - Use cloud technologies to improve precision of scanning and monitoring functions. If you enable or disable this setting, it takes affect after the client computer restarts.
  • Connection Timeout - Change the maximum time to get a response from Reputation Services (in milliseconds).

    Note - If you decrease this value, it can improve the performance of the Anti-Malware Software Blade but reduces security, as clients might not get a reputation status that shows an item to be zero-day malware.

• Enable Web Protection - Prevents access to suspicious sites and execution of malicious scripts. Scans files, and packed executables transferred over HTTP, and alerts users if malicious content is found.
• Mail Protection - Enable or disable scans of email messages when they are passed as files across the file system.

To configure trusted processes:

1. In the Properties of the Scan all files on Access Action, click Add.
2. In the Trusted Processes window, enter the fully qualified path or an environment variable for the trusted executable file. For example:
   • C:\Program Files\MyTrustedDirectory\MyTrustedProgram.exe
   • %programdata%\MyTrustedProgram.exe
3. Click OK.

   The trusted program shows in the Trusted Processes list.