Escan/english/escan11/eScan Management Console/Policies/Features Help/File Anti-Virus

From eScan Wiki

(Difference between revisions)

Current revision

· eScan · MailScan · Technologies

· Technical Info · Security Awareness · User Guides

1 File Anti-Virus

[edit]

File Anti-Virus

File Anti-Virus module prevents infection of the computer's file system. This module is starts on the startup of the operating system and continuously monitors and scans all the files that opened, saved, or launched along with all the connected devices. The Proactive Behavior Monitoring system blocks any application that behaves maliciously or might be malicious.

eScan offers Block Files feature, which allows to block or quarantine the file from being accessed. It also comprises of Folder Protection function that prevents user from creating, updating, or deleting files/subfolders within the specified folder.

Configure settings for File Anti-virus using the following tabs:

Objects
Options
Block Files
Folder Protection
File Rights
TSPM
Advanced Settings

[edit]

Objects

This tab will provide various option for fine tuning the settings available under File Anti-Virus. It provides options such as scanning a specific storage devices or excluding given file from scanning.</span>

Actions in case of virus definition

Displays the different actions that can be performed in case of any infection. The actions are:

Report only: Reports to you on a popup without taking any action on the file in case of virus detection.
Disinfect: Automatically disinfect any infected file on detection. Under this action, following two options are available:

Make backup file before disinfection: This check box allows to make backup file before disinfection.
If disinfection is impossible: You can configure from the following options:

Report Only: This option reports if it is not able to disinfect any particular virus.
Quarantine object: This option quarantines the infected object (isolate the objects) if it is not able to disinfect a virus.
Delete object: This option deletes the object if it is not able to disinfection a virus.

By default the Disinfect option is selected.

Quarantine object: Quarantines the file whenever an infection is detected (isolate the file). You can restore the Quarantine/Backup file by using the below procedure:

Click View Quarantine Objects option present on the main interface of File Anti-virus. You will be forwarded to the Quarantine window, click object name that you wish to restore. Now click Restore button to restore. File will be restored instantly.

Delete object: Automatically delete the file whenever an infected file is detected.

The following are the options that allows to scan specific disk or drive:

Scan local removable disk drives: This check box allows to monitor the real-time scanning of all the local removable drives attached to the computer. This option is enabled by default.
Scan local hard disk drives: This check box allows to monitor the real-time scanning of all the local hard drives installed on the computer. This option is enabled by default.
Scan network drives: This check box allows to monitor the real-time scanning of all the network drives including mapped folders and drives that are connected to the computer. This option is enabled by default.

Scan files of following types

This check box allows to choose the type of file to monitor while real-time scanning. It have 3 options to select files for scanning, whether All infectable, All, or By mask. The files listed in By mask option are the default file extensions that are defined by eScan. To add or delete files by mask, select and double-click Add/Delete option, and then add or delete files as required.

Exclude by mask

This check box allows to monitors all the excluded object in the Exclude by mask list during real-time monitoring or scanning. You can add or delete a file or a particular file extension by double-clicking the Add/Delete option. This option is enabled by default.

Not a Virus List

File Anti-Virus is able to detect the riskware. Riskware are legitimate program that are not strictly malicious, but pose some sort of risk for the user in another way. You can add the names of riskware, such as remote admin software to the riskware list in the Not a Virus List dialog box by double-clicking the Add / Delete option, if you are certain that they are not malicious. This option is enabled by default and the riskware list is empty by default.

Exclude Files/Folders

This option excludes the listed files, folders, and subfolders, while monitoring or scanning the folders. You can add or delete folders from the existing list of folders by double-clicking the Add / Delete option. This option is enabled by default.

Scan compound objects

This option allows to scan the archives and packed files during the scan. The Archive check box allows to scan archive files. The depth level of an archived file up to which you want to scan can be defined in Archive Depth Level field. By default, value is 16, but you can change it by double-clicking the arrow icon, and then type value in the size box. By default, Packed is selected. This option is enabled by default.

Enable code analyser

This option uses heuristic analyzer during the real-time scan of the computer for suspicious objects or unknown infections. It not only scans and detects infected objects by using the definitions or updates, but it also checks for suspicious files stored on the computer.

[edit]

Options

This tab will allow to configure the basic settings such as the maximum size of log files and path of the destination folder for storing log files, quarantined objects, and report files.

It provides the following options for configuration:

Save report file

This option allows to save the generated reports. The generates report consist of logs information about the scanned files and the action taken when an infected file is detected. This option is enabled by default and it also allows to configure following settings:

Show pack info in the report (Monvir.log): This option is enabled by default and it allows to add details about the scanned compressed files, such as .ZIP and .RAR files to the Monvir.log file.
Show clean object info in the report (Monvir.log): This option allows to add details about uninfected files found during a scan operation to the Monvir.log file. This option helps to find out which files are not infected.
Limit size to (KB) (avpM.rpt): This option helps to set the size limit of the avpM.rpt file. To specify the size of the log file, double-click the size box and define the size. The default value is 50 KB.

For quarantining of infected objects

This option helps to specify the destination for storing quarantined objects. By default, the quarantined objects are stored in the C:\Program Files\eScan\INFECTED [32-bit] OR C:\Program Files (x86)\ eScan\ INFECTED [64-bit] folder. You can change the location of the destination folder if required.

Enable Auto backup / Restore

This option allows to takes automatic backup of critical files of the Windows® operating system installed on the computer and to restore the clean files when it finds an infection in any of the system files, which cannot be disinfected. This option allows to configure the following settings:

For backup of clean objects: eScan allows to backs up uninfected objects and store them in a given folder. By default, these objects are stored in a folder named Fbackup on the drive that has maximum free space. You can change the path of the destination folder if desired.
Do not backup files above size (KB): This option is enabled by default and helps to prevent File Anti-Virus from creating backup of files that is larger than the defined file size. The default value is set to 32768 KB.
Minimum disk space (MB): This option is enabled by default and enables to set the minimum free hard disk space up to which you want eScan to take backup of files. By default, value is 1 MB, but you can change it by double-clicking the arrow icon, and then type value in the size box.

Use sound effects for the following events

This check box option allows to configure eScan to play a sound file and show the details regarding the infection within a message box when any malicious software is detected. However, you need to ensure that the computer speakers are switched on.

Display attention messages

This option allow to displays an alert, which consist the path, name of the infected object, and the action taken. This option is enabled by default.

Enable Malware URL Filter

This option is blocks the access to malicious websites/URL.

Proactive Behavior Monitor

This option allows to monitor the executable files that are running on your system. In case, if eScan finds any executable files suspicious that may cause any harm to your system, it alerts the user with a pop-up message. To access the suspicious file, you can White list them anytime.

It also allows to view the list of files that are blocked from executing on the system. You can add a File to White list or Block List using this option.

Enable Ransomware Protection

This check box enables the protection against ransomware and enabled by default.

[edit]

Block Files

The Block Files tab lets you configure settings for preventing executables and files, such as autorun.inf, on network drives, USB drives, and fixed drives from accessing your computer.
You can configure the following settings:

Disable AutoPlay on USB and Fixed Drives [Default]
Selecting this option will disable AutoPlay when a USB/Fixed Drive is connected.

Deny access of executables on USB Drives
Select this check box if you want eScan to prevent executables stored on USB drives from being accessed.

Deny access of executable from Network
Select this check box if you want eScan to prevent executables on the client computer from being accessed from the network.

User defined whitelist
This option is enabled after selecting the Deny access of executable from Network check box. You can use this option to enter the folders that need to be whitelisted so that executables can be accessed in the network from the folders mentioned under this list. To add files, click Add.
Enter the complete path of the folder to be whitelisted on the client systems. You can either whitelist the parent folder only or select the Include subfolder option to whitelist the subfolders as well.

Deny Access of following files [Default]
Select this check box if you want eScan to prevent the files in the list from running on the computers.

Quarantine Access-denied files
Select this check box if you want eScan to quarantine files to which access is denied.

You can prevent specific files from running on the eScan client computer by adding them to the Block Files list. By default, this list contains the value %sysdir%\\*.EXE@. Click Add.
Enter the full name of the file to be blocked from execution on the client systems.

[edit]

Folder Protection

<p style="font-size: 11.0pt; font-family: 'Open Sans';">The Folder Protection tab lets you protect specific folders from being modified or deleted by adding them to the Folder Protection list. It lets you configure the following setting:

Protect files in following folders from modification and deletion [Default]: This option is enabled by default. It protects the files in specific folders from being modified or deleted. Once you enable this check box, it will automatically enable the following buttons:

Add: It allows you Add folders to be protected. Browse the folders and Add in the Folder List.
Delete: You can delete the folder from folder list. Click on the Delete button. A confirmation window appears. Click Yes, the folder will be deleted.
Remove All: You can remove/delete all the folders in the list at once.

[edit]

File Rights

The File Rights tab restricts or allows for remote or local users from modifying folders, subfolders, files or files with certain extensions.

Enable eScan Remote File Rights
Select this check box to allow/restrict the remote users to make any modifications to the files and folders.

Do not allow remote users to modify the following local files
The files/folders added to this list cannot be modified by the remote users.

Allow modification for following files
The files added to this list can be modified by the remote user.

Enable eScan local file rights
Select this check box to allow/restrict the local users to make any modifications to the files/folders.

Do not allow local users to modify the following files
The files/folders added to this list cannot be modified by the local users.

Allow modification for files
The files/folders added to this list can be modified by the local users.

[edit]

TSPM

TSPM – Terminal Services Protection Module by eScan detects brute force attempts and heuristically identifies suspicious IP Addresses/Hosts and blocks any attempts to access the system. In order to safeguard the systems from future attacks, the IP addresses and Hosts from these attacks are banned from initiating any further connections to the system.

Enable Terminal Service Protection Module

This checkbox enables Terminal Service Protection Module. To add a list of IP addresses to be excluded from being blocked by TSPM, click Add. Add IP window appears. Enter the IP address and then click OK.

[edit]

Advanced Settings

Clicking Advanced Settings lets you configure advanced settings for console.

Disable Reload Password (2=Disable/1=Enable)
This option lets you enable or disable password for reloading eScan. After enabling, the user will be asked to enter reload password if user attempts to reload eScan. This is the administrator password for eScan Protection Center.
Display Print Job events (1 = Enable/0 = Disable)
This option lets you capture events for the Print Jobs from Managed Computers.
IP Address Change Allowed (2 = Disable/1 = Enable)
This option lets you enable/disable IP Address Change by the user on their computer.
Enable Time Synchronization (1 = Enable/0 = Disable)
This option lets you enable/disable time synchronization with internet. Active internet connection is mandatory for this feature.
Clear Quarantine folder after Days specified
This option lets you specify number of days after which the Quarantine folder should be cleared on Managed Computers.
Clear Quarantine Folder after Size Limit specified in MB
This option lets you specify size limit for the Quarantine folder. If the defined size limit exceeds, the Quarantine folder will be cleared on Managed Computers.
Exclude System PID from Scanning (1 = Enable/0 = Disable)
This option lets you exclude system process ID (Microsoft assigned System PIDs) from scanning on Managed Computers.

Disable Virtual Key Board Shortcut key (1 = Enable/0 = Disable)
This option lets you disable shortcut for using Virtual Keyboard on Managed Computers.

Show eScan Tray Menu (1 = Show/0 = Hide)</br> This option lets you Hide or Show eScan Tray menu on Managed Computers.

Show eScan Tray Icon (1 = Show/0 = Hide)
This option lets you hide or show eScan Tray Icon on Managed Computers.

Show eScan Desktop Protection Icon (1 = Show/0 = Hide)
This option lets you hide or show eScan Protection icon on Managed Computers.

Enable eScan Remote Support in Non-Administrator mode (1 = Enable/0 = Disable)
This option lets you enable/disable eScan Remote Support in Non-Administrator Mode. eScan will not prompt for entering Administrator Password to start eScan Remote Support from Managed Computers.

Define Virus Alert Time (in seconds)
This option lets you define time period in seconds to display Virus Alert on Managed Computers.

Show Malware URL Warning (1 = Show/0 = Hide)
This option lets you show or hide Malware URL warning messages on Managed Computers.

Protect Windows Hosts File (1 = Allow/0 = Block)
Use this option to Allow/Block modifications to Windows Host Files.

Search for HTML Scripts (1 = Allow/0 = Block)
Use this option to Allow/Block search for html script (infection) in files. This option will have impact on system performance.

Show Network Executable block alert (1 = Show/0 = Hide)
This option lets you show/hide Network executable block alerts on Managed Computers.

Show USB Executable Block Alert (1 = Show/0 = Hide)
This option lets you show/hide USB executable block alerts on Managed Computers.

Show eScan Tray Icon on Terminal Client (1 = Show/0 = Hide)
This option lets you show/hide eScan Tray Icon on Terminal Clients on Managed Computers.

Enable eScan Self Protection (1 = Enable/0 = Disable)
This option lets you Enable/Disable eScan Self Protection on Managed Computers, if this feature is enabled, no changes or modifications can be made in any eScan File.

Enable eScan Registry Protection (1 = Enable/0 = Disable)
This option lets you Enable/Disable eScan Registry Protection. User cannot make changes in protected registry entries if it is enabled on Managed Computers.

Enable backup of DLL files (1 = Enable/0 = Disable)
This option lets you Enable/Disable backup of DLL files on Managed Computers.

Integrate Server Service dependency with Real-time monitor (1 = Enable/0 = Disable)
This option lets you Integrate Server Service dependency with real-time monitor.

Send Installed Software Events (1 = Enable/0 = Disable)
This option lets you receive Installed Software Events from Managed Computers.

Enable Winsock Protection (Require Restart) (1 = Enable/0 = Disable)
This option lets you Enable/Disable protection at the Winsock Layer.

Enable Cloud (1 = Enable/0 = Disable)
This option lets you Enable/Disable eScan Cloud Security Protection on Managed Computers.

Enable Cloud Scanning (1 = Enable/0 = Disable)
This option lets you Enable/Disable Cloud Scanning on Managed Computers.

Remove LNK (Real-Time) (1 = Enable/0 = Disable)
This option lets you Enable/Disable Removal of LNK on real-time basis.

Whitelisted AutoConfigURL
This option lets you whitelist AutoConfigURLs. Enter comma separated URLs that need to be whitelisted.

Disable Add-ons/Extension blocking (1 = Enable/0 = Disable)
Selecting this option disables Add-ons and Extension blocking.

Include files to scan for archive (Eg: abc*.exe)
This option lets you add file types that needs to be when archive scanning enabled.

Block Date-Time Modification (1 = Enable/0 = Disable)
This option lets you block the modification of the system date and time.

Allow CMD-Registry for Date-Time blocking (Depends upon Block Date-Time Modification) (1 = Enable/0 = Disable)
Selecting this option lets you block date-time modification from the CMD-Registry.

Domain list for exclusion of Host file scanning (e.g. abc.mwti)
Selecting this option lets you add the list of domains to be excluded from host file scanning.

Disable Pause Protection and Open Protection center on Right Click (Set 192 for disable)
This option disables Pause Protection and Open Protection center on Right Click if you set it to 192.

Enable Share Access Control (1 = Enable/0 = Disable)
It enables Share Access Control. Network Shares ReadOnly Access and Network Shares NoAccess options will work only if this option is selected.

NOTE

Only if it is enabled the setting NetworkSharesReadOnlyAccess and NetworkSharesNoAccess will be referred

List of comma-separated servers and/or shares and/or wildcards which needs to be given NO ACCESS e.g. \\192.168.1.1\temp or \\192.168.1.1\temp\*.doc or *.doc (Work only when "Enable Share Access Control" is set)
Selecting this option lets you add the List of comma-separated servers and/or shares and/or wildcards that should not be accessible.

List of comma-separated servers and/or shares and/or wildcards which needs to be given READ ONLY ACCESS e.g. \\192.168.1.1\temp or \\192.168.1.1\temp\*.doc or *.doc (Work only when "Enable Share Access Control" is set)
Selecting this option lets you add the List of comma-separated servers and/or shares and/or wildcards that should be given only view access and not be editable.

Include files to scan for archive (eg: abc*.exe)
Selecting this option lets you add file types that should be scanned.

Whitelist IP Address (Depends on IP Address Change Allowed) (E.G 192.168.1.* You can put comma-separated list)
Selecting this option lets you add the list of IP addresses separated by commas to whitelist them.

Block Access to Control Panel (1 = Enable/0 = Disable)
Selecting this option lets you block the user from accessing the control panel.

Disable COPY/PASTE (1 = Enable/0 = Disable)
Selecting this option lets you disable Copy/Paste actions.

Enable logging of sharing activity from suspected malware system (WSmbFilt.log on client system) (1 = Enable/0 = Disable)
Enabling this option directs eScan to log any sharing activity performed by suspected malware system. By default, this feature is enabled.

Block all RDP Session except Whitelisted under TSPM
Selecting this option lets you block all RDP sessions excluding the ones you have Whitelisted under TSPM.

Allow RDP (1=Block Foreign IP and allow Local IP/0 =Block Local & Foreign IP but allow Whitelisted IP)
This option lets you allow or block the foreign and local IP addresses excluding the whitelisted ones.

PowerShell Exclusion list
Selecting this option lets you add a PowerShell script file path manually to exclude files and folders from real-time scan.

Allow Uninstallers (1 = Enable/0 = Disable)
Selecting this option lets you enable/disable use of third party uninstallers.

Block Renaming of Hostname (1 = Enable/0 = Disable)
Selecting this option lets you enable/disable block Hostname renaming.

Restricted Environment enabled (1 = Enable/0 = Disable)
Selecting this option lets you enable/disable restrict environment settings.

Block eternal blue (wannacry) exploits (1 = Enable/0 = Disable)
Selecting this option lets you block eternal blue (wannacry) exploits. By default, this option is enabled.

Default: Click this button to apply the default settings.
OK: Click this button to apply the configured settings.
Cancel: Click this button to cancel the configured settings or to close the window.

Retrieved from "https://wiki.escanav.com/wiki/index.php/Escan/english/escan11/eScan_Management_Console/Policies/Features_Help/File_Anti-Virus"

From eScan Wiki

Current revision

Contents

File Anti-Virus

Objects

Options

Block Files

Folder Protection

File Rights

TSPM

Advanced Settings

Main Page

Latest Developments

Product Information

Knowledge Base

For Windows Downloads

For Linux Downloads

For MAC Downloads

General

Support

Views

 |style="text-align:right;"|&nbsp;&nbsp;'''·''' [[Technical Info|<font size=1.5 color="blue">Technical Info</font>]]&nbsp;&nbsp;'''·''' [[Escan/english/Security_Awareness|<font size=1.5 color="blue">Security Awareness</font>]]&nbsp;&nbsp;'''·''' [[User_Guides|<font size=1.5 color="blue">User Guides</font>]]
 |}
-__TOC__
-<br>
-==<B><font size=5 color=#24B200>File Anti-Virus</font></B>==
-<br><br>
-File Anti-Virus is a part of the eScan’s Protection feature. This module monitors and safeguards your computer on a real-time basis from all kinds of malicious software as files are accessed, copied, or executed. This module includes the Proactive Scanning feature, which helps you to  block applications that perform suspicious activities. File Anti-Virus also includes the Block Files feature. This feature allows you to block or quarantine files from being accessed from local or network drives. In addition, File Anti-Virus also allows you to enable Folder Protection, which prevents users from creating, deleting, or updating files or subfolders within specified folders.
+<h2 style='color:#556B2F;font-size:24.0pt;font-family:"Open Sans"'>File Anti-Virus</h2>
-There are four tabs – Objects, Options, Block Files, and Folder Protection, which are as follows:
+<p style='font-size:11.0pt;font-family:"Open Sans"'>File Anti-Virus module prevents infection of the computer's file system. This module is starts on the startup of the operating system and continuously monitors and scans all the files that opened, saved, or launched along with all the connected devices. The Proactive Behavior Monitoring system blocks any application that behaves maliciously or might be malicious.</p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>eScan offers <b>Block Files</b> feature, which allows to block or quarantine the file from being accessed. It also comprises of <b>Folder Protection</b> function that prevents user from creating, updating, or deleting files/subfolders within the specified folder.</p>
-'''I. ''Objects'''''
+<p style='font-size:11.0pt;font-family:"Open Sans"'>Configure settings for File Anti-virus using the following tabs:</p>
-This tab provides you with a number of settings for fine-tuning the File Anti Virus module as per your requirements. For example, you can configure module to scan specific storage devices or exclude files of a given file type.
+<ul>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'>Objects</li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'>Options</li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'>Block Files</li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'>Folder Protection</li>
+<li style='font-size:11.0pt;font-family:"Open Sans"'>File Rights</li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'>TSPM</li>
+<li style='font-size:11.0pt;font-family:"Open Sans"'>Advanced Settings</li>
+</ul>
+<h4 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Objects</h4>
-::::::::* '''Actions in case of virus detection:''' This section lists the different actions that File Anti Virus can perform when it detects a virus infection. These actions are Report only, Disinfect, Quarantine, and Delete object. Out of these, the '''Disinfect''' option is selected by default. By default, the quarantined files are saved in '''C:\Program Files\eScan\Infected folder'''
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This tab will provide various option for fine tuning the settings available under File Anti-Virus. It provides options such as scanning a specific storage devices or excluding given file from scanning.</span></p>
-::::::::* '''Scan local removable disk drives: ''[Default]''''' You should select this check box if you need to scan all the local removable drives attached to the computer.
+<p style='color:#0276FDfont-size:12.0pt;font-family:"Open Sans"'><b>Actions in case of virus definition</b></p>
-::::::::* '''Scan local hard disk drives: ''[Default]''''' You should select this check box if you need to scan all the local hard drives installed to the computer.
+<p style='font-size:11.0pt;font-family:"Open Sans"'>Displays the different actions that can be performed in case of any infection. The actions are:</p>
-::::::::* '''Scan network drives: ''[Default]''''' You should select this check box if you need to scan all the network drives, including mapped folders and drives, connected to the computer.
+<ul>
-::::::::* '''Scan files of following types: '''You should select this option if you need to scan all files, only infectable files, and files by extension(Scan by mask). eScan provides you with a list of default files and file types that it scans by extension. You can add more items to this list or remove items as per your requirements by using the '''Add / Delete''' option.
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Report only</strong>: Reports to you on a popup without taking any action on the file in case of virus detection.</li>
-::::::::* '''Exclude by mask:''' '''[''Default]'' '''You should select this check box if you need the File Anti Virus monitor to exclude all the objects in the Exclude by mask list during real time monitoring or scanning. You can add or delete a file or a particular file extension by double-clicking the '''Add / Delete''' option.
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Disinfect</strong>: Automatically disinfect any infected file on detection. Under this action, following two options are available:</li>
-::::::::* '''Not a virus list:''' '''''[Default]'' '''File Anti Virus is capable of detecting riskware. Riskware refers to software that are originally not intended to be malicious but somehow can pose as a security risk to critical operating system functions. You can add the names of riskware, such as remote admin software, to the riskware list in the '''Not a virus list''' dialog box by double-clicking the '''Add / Delete''' option if you are certain that they are not malicious. The riskware list is empty by default.
+<ul>
-::::::::* '''Exclude Files/Folders: ''[Default]'' '''You should select this check box if you want File Anti Virus to exclude all the listed files, folders, and sub folders while it is monitoring or scanning folders. The Files/Folders added to this list will be excluded from the real –time scan as well as on-demand scan.You can add or delete files/folders from the  list of by clicking the '''Add / Delete''' option.
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Make backup file before disinfection</strong>: This check box allows to make backup file before disinfection.</li>
-::::::::* '''Scan compound objects: ''[Default]'' '''You should select this check box if you want eScan to scan archives and packed files during scan operations. By default, '''Packed''' is selected.
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>If disinfection is impossible</strong>: You can configure from the following options:</li>
-::::::::* '''Enable code analyser:''' You should select this check box if you want eScan to scan your computer for suspicious objects or unknown infections by using the heuristic analyzer. When this check box is selected, File Anti Virus not only scans and detects infected objects by using the definitions or updates, but it also checks for suspicious files stored on your computer.
+<ul>
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Report Only</strong>: This option reports if it is not able to disinfect any particular virus.</li>
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Quarantine object</strong>: This option quarantines the infected object (isolate the objects) if it is not able to disinfect a virus.</li>
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Delete object</strong>: This option deletes the object if it is not able to disinfection a virus.</li>
+</ul>
+</ul>
+</ul>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>By default the <strong>Disinfect</strong> option is selected.</p>
+<ul>
+<ul>
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Quarantine object</strong>: Quarantines the file whenever an infection is detected (isolate the file). You can restore the <strong>Quarantine/Backup</strong> file by using the below procedure:</li>
+<ul>
+<li style='font-size:11.0pt;font-family:"Open Sans"'>Click <strong>View Quarantine Objects</strong> option present on the main interface of File Anti-virus. You will be forwarded to the <strong>Quarantine</strong> window, click object name that you wish to restore. Now click <strong>Restore</strong> button to restore. File will be restored instantly.</li>
+</ul>
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Delete object</strong>: Automatically delete the file whenever an infected file is detected.</li>
+</ul>
+</ul>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>The following are the options that allows to scan specific disk or drive:</p>
+<ul>
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Scan local removable disk drives</strong>: This check box allows to monitor the real-time scanning of all the local removable drives attached to the computer. This option is enabled by default.</li>
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Scan local hard disk drives</strong>: This check box allows to monitor the real-time scanning of all the local hard drives installed on the computer. This option is enabled by default.</li>
+<li style='font-size:11.0pt;font-family:"Open Sans"'><strong>Scan network drives</strong>: This check box allows to monitor the real-time scanning of all the network drives including mapped folders and drives that are connected to the computer. This option is enabled by default.</li>
+</ul>
-'''II. ''Options'''''
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Scan files of following types</b></p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This check box allows to choose the type of file to monitor while real-time scanning. It have 3 options to select files for scanning, whether <b>All infectable</b>, <b>All</b>, or<b> By mask</b>. The files listed in <b>By mask</b> option are the default file extensions that are defined by eScan. To add or delete files by mask, select and double-click <b>Add/Delete</b> option, and then add or delete files as required.</p>
-This tab helps you configure the basic settings for the File Anti Virus module, such as the maximum size of log files and the path of the destination folder for storing log files, quarantined objects, and report files.
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Exclude by mask</b></p>
-You can configure the following settings:
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This check box allows to monitors all
+the excluded object in the <b>Exclude by mask</b> list during real-time monitoring or scanning. You can add or delete a file or a particular file extension by double-clicking the <b>Add/Delete</b> option. This option is enabled by default.</p>
-:::::* '''Save report file:''' '''''[Default]'' '''You should select this check box if you need eScan to save the reports generated by the File Anti-Virus module. The report file logs information about the scanned files and the action taken by File Anti Virus when an infected file was found during the scan.
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Not a Virus List</b></p>
-::::::::* '''Show pack info in the report:''' '''''[Default]'' '''You should select this check box if you need File Anti-Virus to add information regarding scanned compressed files, such as .ZIP and .RAR files to the Monvir.log file.
+<p style='font-size:11.0pt;font-family:"Open Sans"'>File Anti-Virus is able to detect
-::::::::* '''Show clean object info in the report: '''You should select this check box if you need File Anti-Virus to add information regarding uninfected files found during a scan operation to the Monvir.log file. You can select this option to find out which files are not infected.
+the riskware. Riskware are legitimate program that are not strictly malicious, but pose some sort of risk for the user in another way. You can add the names of riskware, such as remote admin software to the riskware list in the <b>Not a Virus List</b> dialog box by double-clicking the <b>Add / Delete</b> option, if you are certain that they are not malicious. This option is enabled by default and the riskware list is empty by default.</p>
-::::::::* '''Limit size to (Kb) (avpM.rpt):''' Select this check box if you need File Anti-Virus to limit the size of the Monvir.log file and avpM.rpt file. You can double-click the size box and specify the size of the log file.
-:::::* '''Enable Auto backup / Restore: ''[Default]'' '''This check box helps you back up the critical files of the Windows® operating system installed on your computer and then''' automatically '''restore the clean files when eScan finds an infection in any of the system files that cannot be disinfected. You can do the following settings:
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Exclude Files/Folders</b></p>
-::::::::* '''Do not backup files above size (KB): ''[Default]'' '''This option helps you prevent File Anti Virus from creating backup of files that are larger than the file size that you have specified.
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This option excludes the listed
-::::::::* '''Minimum disk space (MB'''): ''[Default]'' eScan Auto-backup will first check for the minimum available space limit defined for a hard disk drive. If the minimum define space is available then only the Auto-backup will function, if not it will stop without notifying. You can allot the Minimum disk space to be checked from this option.
+files, folders, and subfolders, while monitoring or scanning the folders. You can add or delete folders from the existing list of folders by double-clicking the <b>Add / Delete</b> option. This option is enabled by default.</p>
-:::::* '''Limit file size to (KB):''' '''''[Default]'' '''This check box enables you to set a limit size for the objects or files to be scanned. The default value is set to '''20480 '''Kb.
-:::::* '''Enable Proactive Scan: '''When you select this check box, File Anti Virus monitors your computer for suspicious applications and prompts you to block such applications when they try to execute.
-:::::* '''Use sound effects for the following events:''' This check box helps you configure eScan to play a sound file and show you the details regarding the infection within a message box when any malicious software is detected by File Anti Virus. However,you need to ensure that the computer’s speakers are switched on.
-:::::* '''Display attention messages:''' '''''[Default]'' '''When this option is selected, eScan displays an alert, which displays the path and name of the infected object and the action taken by the File Anti Virus module.
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Scan compound objects</b></p>
-'''III. ''Block Files '''''
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This option allows to scan the archives and packed files during the scan. The <b>Archive</b> check box allows to scan archive files. The depth level of an archived file up to which you want to scan can be defined in <b>Archive Depth Level</b> field. By default, value is 16, but you can change it by double-clicking the arrow icon, and then type value in the size box. By default, <b>Packed</b> is selected. This option is enabled by default.</p>
-This tab helps you configure settings for preventing executables and files, such as autorun.inf, on network drives, USB drives, and fixed drives from accessing your computer.
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Enable code analyser</b></p>
-You can configure the following settings:
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This option uses heuristic analyzer during the real-time scan of the computer for suspicious objects or unknown infections. It not only scans and detects infected objects by using the definitions or updates, but it also checks for suspicious files stored on the computer.</p>
-* '''Deny access of executables on USB Drives:''' You should select this check box if you need to prevent executables stored on USB drives from being accessed.
+<h4 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Options</h4>
-* '''Deny access of AUTORUN.INF on USB and Fixed Drives:''' '''''[Default]'' '''You should select this check box if you need to prevent executables from USB and fixed drives from being accessed.
-* '''Deny access of executable from Network: '''You should select this check box if you need to prevent executables on the client computer from being accessed from the network.
-=User defined whitelist: '''This option is effective when the '''Deny access of executable from Network '''tab''' '''is enabled. You can use this option to enter the folders that need to  be whitelisted so that executables can be accessed  in the network from the folders mentioned under this list.''' '''You need to click the '''Add''' tab to enter the complete path of the folder to be protected on the client systems. You can either protect the parent folder only or select the '''Include subfolder'''  option for protecting the child folders as well.='''
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This tab will allow to configure the
+basic settings such as the maximum size of log files and path of the
+destination folder for storing log files, quarantined objects, and report
+files.</p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>It provides the following options for configuration:</p>
-* '''Deny Access of following files:''' '''''[Default]'' '''You should select this check box if you need to prevent the files in the list from running on the Client computers.
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Save report file</b></p>
-* '''Quarantine Access-denied files: '''You should select this check box if you need to quarantine files that have been Access-denied.
-You can prevent specific files from running on the  eScan client computer by adding them to the Block Files list. By default, this list contains the value %sysdir%\\*.EXE@. You need to click the Add tab to enter the full name of the file to be blocked from execution on the client systems.
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This option allows to save the generated reports. The generates report consist of logs information about the scanned files and the action taken when an infected file is detected. This option is enabled by default and it also allows to configure following settings:</p>
-'''IV. ''Folder Protection'''''
+<ul>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Show pack info in the report (Monvir.log):</b> This option is enabled by default and it allows to add details about the scanned compressed files, such as .ZIP and .RAR files to the Monvir.log file. </li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Show clean object info in the report (Monvir.log):</b> This option allows to add details about uninfected files found during a scan operation to the <b>Monvir.log</b> file. This option helps to find out which files are not infected.</li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Limit size to (KB) (avpM.rpt):</b> This option helps to set the size limit of the <b>avpM.rpt</b> file. To specify the size of the log file, double-click the size box and define the size. The default value is <b>50</b> KB.</li>
+</ul>
-This tab helps you protect specific folders from being modified or deleted by adding them to the Folder Protection list. It allows you to configure the following setting:
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>For quarantining of infected objects</b></p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This option helps to specify the destination for storing quarantined objects. By default, the quarantined objects are stored in the <b>C:\Program Files\eScan\INFECTED [32-bit] </b>OR <b>C:\Program Files (x86)\ eScan\ INFECTED [64-bit]</b> folder. You can change the location of the destination folder if required.</p>
-* '''Protect files in following folders from modification and deletion: ''[Default]''''' This option is selected by default. You should select this check box if you need the File Anti-Virus module to protect files in specific folders from being modified or deleted on the client systems. You need to click the '''Add '''tab''' '''to enter the complete path of the folder to be protected on the client systems. You can either protect the parent folder only or select the '''Include subfolder ''' option for protecting the child folders as well.
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Enable Auto backup / Restore</b></p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This option allows to takes automatic backup of critical files of the Windows® operating system installed on the computer and to restore the clean files when it finds an infection in any of the system files, which cannot be disinfected. This option allows to configure the following settings:</p>
+<ul>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'><b>For backup of clean objects:</b> eScan allows to backs up uninfected objects and store them in a given folder. By default, these objects are stored in a folder named Fbackup on the drive that has maximum free space. You can change the path of the destination folder if desired.</li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Do not backup files above size (KB):</b> This option is enabled by default and helps to prevent File Anti-Virus from creating backup of files that is larger than the defined file size. The default value is set to <b>32768</b> KB.</li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Minimum disk space (MB):</b> This option is enabled by default and enables to set the minimum free hard disk space up to which you want eScan to take backup of files. By default, value is <b>1</b> MB, but you can change it by double-clicking the arrow icon, and then type value in the size box.</li>
+</ul>
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Use sound effects for the following events</b></p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This check box option allows to configure eScan to play a sound file and show the details regarding the infection within a message box when any malicious software is detected. However, you need to ensure that the computer speakers are switched on.</p>
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Display attention messages</b></p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This option allow to displays an alert, which consist the path, name of the infected object, and the action taken. This option is enabled by default.</p>
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Enable Malware URL Filter</b></p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This option is blocks the access to malicious websites/URL.</p>
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Proactive Behavior Monitor</b></p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This option allows to monitor the executable files that are running on your system. In case, if eScan finds any executable files suspicious that may cause any harm to your system, it alerts the user with a pop-up message. To access the suspicious file, you can White list them anytime.</p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>It also allows to view the list of files that are blocked from executing on the system. You can add a File to White list or Block List using this option.</p>
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Enable Ransomware Protection</b></p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This check box enables the protection against ransomware and enabled by default.</p>
+<h4 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Block Files</h4>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>The Block Files tab lets you configure settings for preventing executables and files, such as autorun.inf, on network drives, USB drives, and fixed drives from accessing your computer.<br>
+You can configure the following settings:<br><br>
+<b>Disable AutoPlay on USB and Fixed Drives [Default]</b><br>
+Selecting this option will disable AutoPlay when a USB/Fixed Drive is connected.<br><br>
+<b>Deny access of executables on USB Drives</b><br>
+Select this check box if you want eScan to prevent executables stored on USB drives from being accessed.<br><br>
+<b>Deny access of executable from Network</b><br>
+Select this check box if you want eScan to prevent executables on the client computer from being accessed from the network.<br><br>
+<b>User defined whitelist</b><br>
+This option is enabled after selecting the <b>Deny access of executable from Network </b>check
+box. You can use this option to enter the folders that need to be whitelisted so that executables can be accessed in the network from the folders mentioned under this list. To add files, click <b>Add</b>.<br>
+Enter the complete path of the folder to be whitelisted on the client systems. You can either whitelist the parent folder only or select the <b>Include subfolder</b> option to whitelist the subfolders as well.<br>
+<br>
+<b>Deny Access of following files [Default]</b><br>
+Select this check box if you want eScan to prevent the files in the list from running on the computers.<br> <br>
+<b>Quarantine Access-denied files</b><br>
+Select this check box if you want eScan to quarantine files to which access is denied. <br>
+<ol >
+ <li style='font-size:11.0pt;font-family:"Open Sans"'>You can prevent specific files from running on the eScan client computer by adding them to the Block Files list. By default, this list contains the value %sysdir%\\*.EXE@. Click <b>Add</b>. </li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'>Enter the full name of the file to be blocked from execution on the client systems. </li>
+</ol>
+<h4 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Folder Protection</h4>
+<p style="font-size: 11.0pt; font-family: 'Open Sans';">The Folder Protection tab lets you protect specific folders from being modified or deleted by adding them to the Folder Protection list. It lets you configure the following setting:</p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'><b>Protect files in following folders from modification and deletion [Default]</b>: This option is enabled by default. It protects the files in specific folders from being modified or deleted. Once you enable this check box, it will automatically enable the following buttons:</p>
+ <ul >
+  <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Add</b>: It allows you Add folders to be protected. Browse the folders and Add in the Folder List.</li>
+  <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Delete</b>: You can delete the folder from folder list. Click on the <b>Delete</b> button. A confirmation window appears. Click <b>Yes</b>, the folder will be
+deleted.</li>
+  <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Remove All</b>: You can remove/delete all the folders in the list at once.</li>
+ </ul>
+<h4 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>File Rights</h4>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>The File Rights tab restricts or allows for remote or local users from modifying folders, subfolders, files or files with certain extensions. <br>
+<br>
+<b>Enable eScan Remote File Rights</b><br>
+Select this check box to allow/restrict the remote users to make any modifications to the files and folders.<br>
+<br>
+<b>Do not allow remote users to modify the following local files</b><br>
+The files/folders added to this list cannot be modified by the remote users.<br>
+<br>
+<b>Allow modification for following files</b><br>
+The files added to this list can be modified by the remote user.<br>
+<br>
+<b>Enable eScan local file rights</b><br>
+Select this check box to allow/restrict the local users to make any modifications to the files/folders.<br>
+<br>
+<b>Do not allow local users to modify the following files</b><br>
+The files/folders added to this list cannot be modified by the local users.<br>
+<br>
+<b>Allow modification for files</b><br>
+The files/folders added to this list can be modified by the local users.</p>
+<h4 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>TSPM</h4>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>TSPM – Terminal Services Protection Module by eScan detects brute force attempts and heuristically identifies suspicious IP Addresses/Hosts and blocks any attempts to access the system. In order to safeguard the systems from future attacks, the IP addresses and Hosts from these attacks are banned from initiating any further connections to the system.</p>
+<p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Enable Terminal Service Protection Module</b></p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'>This checkbox enables Terminal Service Protection Module. To add a list of IP addresses to be excluded from being blocked by TSPM, click <b>Add</b>. Add IP window appears. Enter the IP address and then click <b>OK</b>.</p>
+<h4 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Advanced Settings</h4>
+<p style='font-size:11.0pt;font-family:"Open Sans"'> Clicking Advanced Settings lets you configure advanced settings for console.</p>
+<p style='font-size:11.0pt;font-family:"Open Sans"'><b>Disable Reload Password (2=Disable/1=Enable)</b><br>
+This option lets you enable or disable password for reloading eScan. After enabling, the user will be asked to enter reload password if user attempts to reload eScan. This is the administrator password for eScan Protection Center.
+<br>
+<b>Display Print Job events (1 = Enable/0 = Disable)</b><br>
+This option lets you capture events for the Print Jobs from Managed Computers.
+<br>
+<b>IP Address Change Allowed (2 = Disable/1 = Enable)</b><br>
+This option lets you enable/disable IP Address Change by the user on their computer.
+<br>
+<b>Enable Time Synchronization (1 = Enable/0 = Disable)</b><br>
+This option lets you enable/disable time synchronization with internet. Active internet connection is mandatory for this feature.<br>
+<b>Clear Quarantine folder after Days specified</b><br>
+This option lets you specify number of days after which the Quarantine folder should be cleared on Managed Computers.<br>
+<b>Clear Quarantine Folder after Size Limit specified in MB</b><br>
+This option lets you specify size limit for the Quarantine folder. If the defined size limit exceeds, the Quarantine folder will be cleared on Managed Computers.<br>
+<b>Exclude System PID from Scanning (1 = Enable/0 = Disable)</b><br>
+This option lets you exclude system process ID (Microsoft assigned System PIDs) from scanning on Managed Computers.<br><br>
+<b>Disable Virtual Key Board Shortcut key (1 = Enable/0 = Disable)</b><br>
+This option lets you disable shortcut for using Virtual Keyboard on Managed Computers.<br><br>
+<b>Show eScan Tray Menu (1 = Show/0 = Hide)</b></br>
+This option lets you Hide or Show eScan Tray menu on Managed Computers.<br><br>
+<b>Show eScan Tray Icon (1 = Show/0 = Hide)</b><br>
+This option lets you hide or show eScan Tray Icon on Managed Computers.<br><br>
+<b>Show eScan Desktop Protection Icon (1 = Show/0 = Hide)</b><br>
+This option lets you hide or show eScan Protection icon on Managed Computers.<br><br>
+<b>Enable eScan Remote Support in Non-Administrator mode (1 = Enable/0 = Disable)</b><br>
+This option lets you enable/disable eScan Remote Support in Non-Administrator Mode. eScan will not prompt for entering Administrator Password to start eScan Remote Support from Managed Computers.<br><br>
+<b>Define Virus Alert Time (in seconds)</b><br>
+This option lets you define time period in seconds to display Virus Alert on Managed Computers.<br><br>
+<b>Show Malware URL Warning (1 = Show/0 = Hide)</b><br>
+This option lets you show or hide Malware URL warning messages on Managed Computers.<br><br>
+<b>Protect Windows Hosts File (1 = Allow/0 = Block)</b><br>
+Use this option to Allow/Block modifications to Windows Host Files.<br><br>
+<b>Search for HTML Scripts (1 = Allow/0 = Block)</b><br>
+Use this option to Allow/Block search for html script (infection) in files. This option will have impact on system performance.<br><br>
+<b>Show Network Executable block alert (1 = Show/0 = Hide)</b><br>
+This option lets you show/hide Network executable block alerts on Managed Computers.<br><br>
+<b>Show USB Executable Block Alert (1 = Show/0 = Hide)</b><br>
+This option lets you show/hide USB executable block alerts on Managed Computers.<br><br>
+<b>Show eScan Tray Icon on Terminal Client (1 = Show/0 = Hide)</b><br>
+This option lets you show/hide eScan Tray Icon on Terminal Clients on Managed Computers.<br><br>
+<b>Enable eScan Self Protection (1 = Enable/0 = Disable)</b><br>
+This option lets you Enable/Disable eScan Self Protection on Managed Computers, if this feature is enabled, no changes or modifications can be made in any eScan File.<br><br>
+<b>Enable eScan Registry Protection (1 = Enable/0 = Disable)</b><br>
+This option lets you Enable/Disable eScan Registry Protection. User cannot make changes in protected registry entries if it is enabled on Managed Computers.<br><br>
+<b>Enable backup of DLL files (1 = Enable/0 = Disable)</b><br>
+This option lets you Enable/Disable backup of DLL files on Managed Computers.<br><br>
+<b>Integrate Server Service dependency with Real-time monitor (1 = Enable/0 = Disable)</b><br>
+This option lets you Integrate Server Service dependency with real-time monitor.<br><br>
+<b>Send Installed Software Events (1 = Enable/0 = Disable)</b><br>
+This option lets you receive Installed Software Events from Managed Computers.<br><br>
+<b>Enable Winsock Protection (Require Restart) (1 = Enable/0 = Disable)</b><br>
+This option lets you Enable/Disable protection at the Winsock Layer.<br><br>
+<b>Enable Cloud (1 = Enable/0 = Disable)</b><br>
+This option lets you Enable/Disable eScan Cloud Security Protection on Managed Computers.<br><br>
+<b>Enable Cloud Scanning (1 = Enable/0 = Disable)</b><br>
+This option lets you Enable/Disable Cloud Scanning on Managed Computers.<br><br>
+<b>Remove LNK (Real-Time) (1 = Enable/0 = Disable)</b><br>
+This option lets you Enable/Disable Removal of LNK on real-time basis.<br><br>
+<b>Whitelisted AutoConfigURL</b><br>
+This option lets you whitelist AutoConfigURLs. Enter comma separated URLs that need to be whitelisted.<br><br>
+<b>Disable Add-ons/Extension blocking (1 = Enable/0 = Disable)</b><br>
+Selecting this option disables Add-ons and Extension blocking.<br><br>
+<b>Include files to scan for archive (Eg: abc*.exe)</b><br>
+This option lets you add file types that needs to be when archive scanning enabled.<br><br>
+<b>Block Date-Time Modification (1 = Enable/0 = Disable)</b><br>
+This option lets you block the modification of the system date and time.<br><br>
+<b>Allow CMD-Registry for Date-Time blocking (Depends upon Block Date-Time Modification) (1 = Enable/0 = Disable)</b><br>
+Selecting this option lets you block date-time modification from the CMD-Registry.<br><br>
+<b>Domain list for exclusion of Host file scanning (e.g. abc.mwti)</b><br>
+Selecting this option lets you add the list of domains to be excluded from host file scanning.<br><br>
+<b>Disable Pause Protection and Open Protection center on Right Click (Set 192 for disable)</b><br>
+This option disables Pause Protection and Open Protection center on Right Click if you set it to 192.<br><br>
+<b>Enable Share Access Control (1 = Enable/0 = Disable)</b><br>
+It enables Share Access Control. Network Shares ReadOnly Access and Network Shares NoAccess options will work only if this option is selected.</p>
+<br>
+<table class="MsoNormalTable" style="background: #DBE5F1; border-collapse: collapse; border: none;" border="1" cellspacing="0" cellpadding="0">
+<tr>
+<td style="width: 41.4pt; border: solid windowtext 1.0pt; padding: 0in 5.4pt 0in 5.4pt;" width="55">
+<p style="font-size: 11.0pt; font-family: 'Open Sans';"><strong>NOTE</strong></p>
+</td>
+<td style="width: 420.7pt; border: solid windowtext 1.0pt; border-left: none; padding: 0in 5.4pt 0in 5.4pt;" valign="top" width="561">
+<p style="font-size: 11.0pt; font-family: 'Open Sans';">Only if it is enabled the setting <b>NetworkSharesReadOnlyAccess</b> and <b>NetworkSharesNoAccess</b> will be referred</p>
+</td>
+</tr>
+</table>
+<br>
+<p style='font-size:11.0pt;font-family:"Open Sans"'><b>List of comma-separated servers and/or shares and/or wildcards which needs to be given NO ACCESS e.g. \\192.168.1.1\temp or \\192.168.1.1\temp\*.doc or *.doc (Work only when "Enable Share Access Control" is set) </b><br>
+Selecting this option lets you add the List of comma-separated servers and/or shares and/or wildcards that should not be accessible.<br><br>
+<b>List of comma-separated servers and/or shares and/or wildcards which needs to be given READ ONLY ACCESS e.g. \\192.168.1.1\temp or \\192.168.1.1\temp\*.doc or *.doc (Work only when "Enable Share Access Control" is set)</b><br>
+Selecting this option lets you add the List of comma-separated servers and/or shares and/or wildcards that should be given only view access and not be editable.<br><br>
+<b>Include files to scan for archive (eg: abc*.exe) </b><br>
+Selecting this option lets you add file types that should be scanned.<br><br>
+<b>Whitelist IP Address (Depends on IP Address Change Allowed) (E.G 192.168.1.* You can put comma-separated list)</b><br>
+Selecting this option lets you add the list of IP addresses separated by commas to whitelist them.<br><br>
+<b>Block Access to Control Panel (1 = Enable/0 = Disable)</b><br>
+Selecting this option lets you block the user from accessing the control panel.<br><br>
+<b>Disable COPY/PASTE (1 = Enable/0 = Disable)</b><br>
+Selecting this option lets you disable Copy/Paste actions.<br><br>
+<b>Enable logging of sharing activity from suspected malware system (WSmbFilt.log on client system) (1 = Enable/0 = Disable)</b><br>
+Enabling this option directs eScan to log any sharing activity performed by suspected malware system. By default, this feature is enabled.<br><br>
+<b>Block all RDP Session except Whitelisted under TSPM</b><br>
+Selecting this option lets you block all RDP sessions excluding the ones you have Whitelisted under TSPM.<br><br>
+<b>Allow RDP (1=Block Foreign IP and allow Local IP/0 =Block Local &amp; Foreign IP but allow Whitelisted IP)</b><br>
+This option lets you allow or block the foreign and local IP addresses excluding the whitelisted ones.<br><br>
+<b>PowerShell Exclusion list </b><br>
+Selecting this option lets you add a PowerShell script file path manually to exclude files and folders from real-time scan.<br><br>
+<b>Allow Uninstallers (1 = Enable/0 = Disable)</b><br>
+Selecting this option lets you enable/disable use of third party uninstallers.<br><br>
+<b>Block Renaming of Hostname (1 = Enable/0 = Disable)</b><br>
+Selecting this option lets you enable/disable block Hostname renaming.<br><br>
+<b>Restricted Environment enabled (1 = Enable/0 = Disable)</b><br>
+Selecting this option lets you enable/disable restrict environment settings.<br><br>
+<b>Block eternal blue (wannacry) exploits (1 = Enable/0 = Disable)</b><br>
+Selecting this option lets you block eternal blue (wannacry) exploits. By default, this option is enabled.</p>
+<br>
+<ul>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Default</b>: Click this button to apply the default settings.</li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'><b>OK</b>: Click this button to apply the configured settings. </li>
+ <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Cancel</b>: Click this button to cancel the configured settings or to close the window.</li>
+</ul>