Getting to Know the Forefront
Client Security Software
Joe Lear, Associate Director/Systems Administrator
By now all of you should have installed the new Forefront Client Security
software from Microsoft. For most of you this was done by a logon
script that uninstalled the old Symantec Antivirus (which was
represented by the gold shield in the system tray in the lower right of
your computer screen) and installed the Microsoft Forefront Client which
is the green icon with the white checkmark in your system tray.
had to manually run the script due to issues with the User Account
Control in Vista or they worked at home or did not work in an office with a
file server. We appreciated your patience with us and the process to get
the new antivirus\spyware client installed. If you still have not
installed the new Forefront client or you are having difficulty
installing the client, please call ETCS for assistance.
To look at the various features of Forefront, Double click the Forefront
icon and open the Forefront Client Security window. At the bottom of
the window you will see the latest antivirus and antispyware definition
dates. These dates should only be a day or two old at the most.
You can check for updates by running Windows Update or by clicking the
down arrow next to the help icon and choosing check for updates.
The middle of the window will give you information regarding the status
of the client on your computer.
At the top of the window is the Menu Bar. Clicking the Down Arrow next
to Scan allows you to choose a quick scan, full scan or custom scan. A
full scan will scan not only your C: drive but all your network drives.
We recommend in most cases, doing a custom scan and then selecting the
C:\ drive to be scanned. Click the OK button, then the Scan Now button
to begin the scan. The software is set to do a quick scan of your
computer at 2 am each morning. If you shutdown your computer, the scan
will start up after you log into your computer each morning.
The History icon on the menu will show you any virus or malware that has
been found on your computer and what steps were taken to protect the
system from it. You will also see any programs that are allowed to
operate on the system, that the program canít identify and allow more
investigation to be done. One you may see is for a file called
iqvw32.sys which is a file for the desktop network card and it is
click the Tools icon on the menu, youíll see this is where you can
change options and view the quarantined items that Forefront has found.
Clicking the Quarantined items link shows you all the files that the
software has found that have viruses or spyware. If you see files
listed in the Quarantined items list, click the Remove All button to
delete these files from your computer.
The Forefront system tray icon will change colors depending on the
status of the software. If you see an orange icon with a black
exclamation mark, Forefront has either missed a scan of your computer
for several days or needs to be updated. Double click the icon to bring
up the Forefront Window and see what needs to be done.
If the forefront icon is red with an X in the middle this is an
indication that a virus or other malware has been found. You can double
click the icon to find out the issue and then go to the history or
quarantine items section to get more information on the detected virus
If the forefront icon is gray with a spinning circle, this means that a
scan is in progress. It is either the scheduled scan that was missed,
or one that you initiated from the scan icon on the menu.
This is a quick primer on the use and functionality of the new Forefront
client. If you do not see the Forefront icon on your computer or you
have questions about the new client, please let us know.