We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Content Shield

How to Use the Barracuda Content Shield Suite for Windows

  • Last updated on
For endpoint computers using Firefox, Barracuda Content Shield Suite requires Firefox 68.0 or later.

The Barracuda Content Shield Suite for Windows includes two components:

  • Web Filtering Component (WFC) – Applies policies you create on the Advanced Filtering page to endpoint web traffic, which take precedence over rules configured on the DNS Filtering page.
  • Malware Prevention Component (MPC) – Scans files on the endpoint for malware both at initial installation and as the user accesses files. For Windows Terminal Server deployments, any files quarantined will appear as such to all users.

The suite user interface is displayed on the Windows endpoint machine when the user clicks the shield icon idle.jpg  in the task tray. This article covers the various states of the MPC, the Status tab, the Quarantine tab, and possible errors reported. For information about getting and installing the suite, see How to Download and Install the Barracuda Content Shield Suite for Windows.

If you disable Malware Prevention on the Threat Policy page, the MPC is disabled and threat policies are not applied on the client machines. The Status and Quarantine tabs on the Barracuda Content Shield Suite interface on the endpoint will show Malware Prevention Disabled. Web Filtering will still apply to web traffic per policy.


The suite has several functions and modes:

  • File system scanning – The MPC conducts a full system scan upon installation and after rebooting. The Scanning Files progress bar is displayed on the Status tab only during the initial system scan, showing the percentage of all files scanned for the system.

  • On-access scanning – When the user attempts to access a file, the MPC scans that file.

  • Monitoring (Idle) – The MPC is waiting for activity from the user, and is not currently scanning.

Status Tab

Initial System Scan

After installing the suite on the endpoint machine, the MPC begins a full system scan. You will see the system scanning icon in the task tray. After rebooting the machine, the full system scan also runs, but is a faster process than running upon installation. This is because only files that have been touched since the last system scan are scanned again. When you click on the system scanning icon (see below), you will see the Status tab which displays:

  • Files in Quarantine – Number of files quarantined due to detected threats
  • Scanning Files progress bar

  • Path and filename of file being scanned

  • Scan Started – Date and time the initial full system scan began

  • Time Elapsed – Time elapsed since start of current scan
  • Files Scanned – Total number of files scanned since the MPC last started
  • Threats Detected – Number of threats detected since last reboot

  • Suite version in the lower right corner of the window

Task Tray Icon Behavior
While scanning.

When a threat is detected.

Click on the icon to see what file has been quarantined.


After Quarantine is opened, and/or when Content Protection is disabled because

Malware Prevention has been disabled on the Threat Policy page.

Click on the Quarantine tab to see how many files have been quarantined. Scan results are also reported to the Barracuda Content Shield web interface.

System Idle State

When the MPC is not scanning, it is idle and monitoring for the next scan. You can hover the mouse over the Shield icon in the task tray to view the following:

  • Files Scanned Number of files that have been scanned
  • Awaiting Determination – Number of files sent for deeper analysis

  • Threats Quarantined – Number of threats found since last reboot

  • Last Full Scan completed – The time the last full system scan was completed

These values are reset after the machine is rebooted. Task tray icon = eps-agent-idle.png

On-access Scan

When the user accesses a file, the MPC scans that file, displays the filename and path while scanning, and returns the result. In addition, the following items are updated on the Status tab as affected by the on-access scan:

  • Files Scanned – Number of files that have been scanned
  • Awaiting Determination – Number of files sent for deeper analysis
  • Threats quarantined – Number of threats found since last reboot

These values are reset after the machine is rebooted.

Notifications and Error Messages


Task Tray Icon

A File Was Added To Quarantine

When a file is quarantined, a notification popup appears and the task tray icon is as shown.

Unable to sync policy. If this problem persists, contact your administrator.

The endpoint machine cannot communicate with Barracuda Content Shield, and/or the on-access scanner is not running. File scanning can still take place using local settings, but the MPC is not being triggered to scan when a user accesses a file. This can happen if the MPC was uninstalled and then re-installed without rebooting. Try rebooting the machine.

Unable to communicate with server. Contact your administrator. The Barracuda Content Shield service is not available, or there is no Internet connection. On-access scanning will still apply, but only with cached results.CriticalError.PNG

Quarantine Tab

Note that only the administrator can remove files from quarantine.

Copy details to clipboard – You can hover over the Edit icon for a quarantined file to view the file details. Click on the icon to copy the file details, which can then be pasted into an email message to the administrator.

Quarantine empty – When there are no threats found, the Quarantine tab displays No Threats in Quarantine.

Quarantined files – When there are quarantined files, hover over a file to see full file path.


Last updated on