When a USB storage device is plugged into the Windows system, SEPs AutoProtect component generates an event. Note: This scan does not scan memory or loadpoints and is disabled by default.
SEP CLIENT configuration
The following registry key and values must be created on the client systems to enable this functionality:
There is no need to restart the machine or the SEP services. In order to disable this feature, either set Enabled to a value of 0 or delete the registry key values noted above.
Virus and Spyware Protection Policy
Verify under Auto-Protect - Advanced Scanning and Monitoring that the option "Check floppies for boot viruses when accessed" is active.
When this scan is triggered, a scan event entry will be logged under the Virus and Spyware Protection Logs by "Removable Media Scan" with a Type of "Custom Scan". This scan type runs with the "Best Application Performance" configuration to reduce impact to the end-user.