Microsoft KB Archive/939361

= Forefront Client Security unexpectedly scans files that are stored in network locations when you perform a full scan of a client computer =

Article ID: 939361

Article Last Modified on 7/31/2007

-

APPLIES TO


 * Microsoft Forefront Client Security

-



SYMPTOMS
When you use Microsoft Forefront Client Security to perform a full scan of a client computer, Forefront Client Security unexpectedly scans files that are stored in network locations. On a network that has low bandwidth or that has high latency, Forefront Client Security may take a long time to scan. In this situation, Forefront Client Security seems to stop responding.

Note A full scan fully evaluates local hard disk drives. A full scan is not intended to scan network hard disk drives or removable hard disk drives.



CAUSE
This problem occurs because Forefront Client Security evaluates shortcuts that are stored in the &quot;%USERPROFILE%\Recent&quot; folder and scans the referenced files. Forefront Client Security scans these files even if they are stored in a network location.



WORKAROUND
To work around this problem, enable one of the following Group Policy settings:
 * Clear history of recently opened documents on exit
 * Do not keep history of recently opened documents

To enable one of these policy settings, follow these steps:  Log on to the computer as a local administrator. Click Start, click Run, type Gpedit.msc, and then click OK. In the console tree, expand User Configuration, expand Administrative Templates, and then click Start Menu and Taskbar. In the details pane, right-click Clear history of recently opened documents on exit, and then click Properties. In the Setting tab, click Enabled, click Apply, and then click OK.

Note When you enable this GPO, the list of items that you open is maintained until you log off the computer.

Or, enable the Do not keep history of recently opened documents GPO. To do this, follow these steps:  In the details pane, right-click Do not keep history of recently opened documents, and then click Properties. In the Setting tab, click Enabled, click Apply, and then click OK.

Note When you enable this GPO, the list of items that you open is not maintained.</li></ol> </li> Exit the Local Group Policy Editor.</li></ol>

<div class="status_section">

STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.

<div class="moreinformation_section">

MORE INFORMATION
Forefront Client Security supports the following types of scans. These scans can be performed on all managed computers or on a specific managed computer.
 * Full
 * Quick
 * Custom

These scans perform a full evaluation of local hard disk drives. These scans are not intended to scan network hard disk drives or removable hard disk drives.

Forefront Client Security also features a real-time scanner that responds to the &quot;On-Access&quot; event whenever a file is accessed. In this situation, Forefront Client Security intercepts the event and scans the file before it can be accessed. Forefront Client Security scans the file even if it is located on a shared network resource. This expected behavior is unrelated to the problem that is described in this article.

Keywords: kbtshoot kbexpertiseinter kbprb KB939361

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.