The file operation interception mode affects the operation of the File Threat Protection component.
For the duration of the scan, the application can block access to files that are being scanned by the File Threat Protection component. By default, access is blocked: any access to the scanned file must wait until the scan results are in. If the scan detects no threats in the file, the application allows access to the file. When detecting infected objects, the application performs the actions specified in the FirstAction and SecondAction settings of the File Threat Protection component.
You can choose not to block access to files that are being scanned by the File Threat Protection component. In that case, the scan is performed asynchronously.
You can configure the file operation interception mode in the command line using the FileBlockDuringScan setting in the general application settings.
You can edit the setting using command line options or a configuration file that contains all general application settings.
The FileBlockDuringScan option accepts the following values:
Yes (default value) to block access to files for the duration of the scan by the File Threat Protection component. No to allow access to files during the scan. Requests to any file is allowed, scanning is done asynchronously. This file operation interception mode has less impact on the system performance, but there is a risk that a threat in a file will not be disinfected or deleted if the file can, for example, change its name during a scan before the application makes a decision on the status of the file.