It is possible that infected files can be uploaded from a client workstation to an N4 host as file where there is upload functionality such as the Media Assets view (on page 1). You can create the virusScanner code extension to scan any file that gets uploaded to N4 before it is saved on the server.
To create the virus scanner as a custom code extension:
In the Code Extensions view, copy the sample code extension N4VirusScanner.groovy to a new code extension with these parameters:
Level: Global
Extension Type: LIBRARY
Code Extension Name: virusScanner. The name must be "virusScanner" or else N4 will ignore the code extension and not load it.
Extension Language: Groovy
Optional: Add a comma-separated list of content types to be rejected automatically without scanning by using the setting FRMSECURITY049 (UPLOAD_MEDIA_TYPE_DENY_LIST) (on page 1).
The denied types should be listed in the format "application/octet-stream, application/zip," etc.