Configuring scheduled and interval malware scans

Applies To: Forefront Client Security

A Client Security policy can enforce scheduled and interval malware scans. When you edit or create a policy, use the Protection tab to configure whether the policy enforces a scheduled malware scan, an interval malware scan, or both.

You can enable virus protection and spyware protection separately; however, you can create only one schedule for both virus and spyware protection. Likewise, you can create only one interval scan for both virus and spyware protection.

Full scans have a significant effect on the system performance of client computers. It is recommended that, when possible, you configure scheduled and interval full scans to occur at times of low system usage, such as after business hours. If a client computer is offline for two consecutive scheduled scans, Client Security starts the scan the next time the antimalware service starts.

The default settings for scheduled malware scans include a daily full scan at 02:00 (2:00 A.M.).

Also, you can allow end users to schedule malware scans using the Client Security agent UI. A policy can specify that users can select the date and time (or only the time) of scheduled scans.

Note

Other settings affect whether end users can access the Client Security agent UI and change settings in the UI. For more information, see Enabling and disabling malware protection and Controlling the end-user experience.

The Task Scheduler service must be enabled and running on client computers on which you want to run scheduled and interval scans. If this service is disabled, the Client Security agent cannot run scheduled or interval scans. For scheduled events, Client Security creates hidden tasks on client computers.

To view hidden tasks on a client computer, in Control Panel, open Scheduled Tasks, click Advanced, and then click View Hidden Tasks.

To enable scheduled and interval scans

  1. In the Client Security console, edit or create the policy that will enforce the scan. For information about editing or creating a policy, see Creating, editing, copying, and deleting policies.

  2. In the New Policy or Edit Policy dialog box, click the Protection tab.

  3. If you want to schedule scans for a particular time, do the following:

    1. Under Malware scanning, select the Run a scan at this time check box.

    2. In the Start time lists, select a day of the week for the start of the scan, or select Every day. Also select the hour for the start of the scan.

    3. In the Scan type list, select either Full scan or Quick scan. For information about the types of scans, see About scans.

  4. If you want to schedule a quick scan at regular intervals, under Malware scanning, select the Run a Quick Scan at set interval check box and set the number of hours between quick scans.

  5. After you finish creating or editing the policy, click OK.

  6. To apply the policy to client computers, you must deploy the policy. For information about deploying a policy, see Deploying and undeploying policies.

To allow end users to schedule scans

  1. In the Client Security console, edit or create the policy that will enforce the scan. For information about editing or creating a policy, see Creating, editing, copying, and deleting policies.

  2. In the New Policy or Edit Policy dialog box, click the Protection tab.

  3. Under Malware scanning, select the Run a scan at this time check box.

  4. If you want to allow users to control both the day and the time of a scheduled scan, from the first Start time list, select User controlled (at the bottom of the list).

  5. If you want to allow users to control only the time of a scheduled scan, do the following:

    1. From the first Start time list, select the day of the week for the scan, or select Every day.

    2. From the second Start time list, select User controlled (at the bottom of the list).

  6. In the Scan type list, select either Full scan or Quick scan. For information about the types of scans, see About scans.

  7. After you finish creating or editing the policy, click OK.

  8. To apply the policy to client computers, you must deploy the policy. For information about deploying a policy, see Deploying and undeploying policies.

To disable a scheduled or interval scan

  1. In the Client Security console, edit or create the policy in which you want to disable scheduled or interval scans. For information about editing or creating a policy, see Creating, editing, copying, and deleting policies.

  2. In the Edit Policy dialog box, click the Protection tab.

  3. If you want to disable scheduled scans run at a particular time, under Malware scanning, clear the Run a scan at this time check box.

    If you want to disable quick scanning at regular intervals, under Malware scanning, clear the Run a Quick Scan at set interval check box and set the number of hours between quick scans.

  4. After you finish editing the policy, click OK.

  5. To apply the policy to client computers, you must deploy the policy. For information about deploying a policy, see Deploying and undeploying policies.