Scan Settings

Select one or more of the following options:

  • Scan floppy disk during system shutdown: Real-time Scan scans any floppy disk for boot viruses before shutting down the endpoint. This prevents any virus/malware from executing when a user reboots the endpoint from the disk.

  • Scan hidden folders: Allows OfficeScan to detect and then scan hidden folders on the endpoint during Manual Scan

  • Scan network drive: Scans network drives or folders mapped to the OfficeScan agent endpoint during Manual Scan or Real-time Scan.

  • Scan the boot sector of the USB storage device after plugging in: Automatically scans only the boot sector of a USB storage device every time the user plugs it in (Real-time Scan).

  • Scan all files in removable storage devices after plugging in: Automatically scans all files on a USB storage device every time the user plugs it in (Real-time Scan).

  • Quarantine malware variants detected in memory: Behavior Monitoring scans the system memory for suspicious processes and Real-time Scan maps the process and scans it for malware threats. If a malware threat exists, Real-Time scan quarantines the process and/or file.


    This feature requires that administrators enable the Unauthorized Change Prevention Service and the Advanced Protection Service.

  • Scan compressed files: Allows OfficeScan to scan up to a specified number of compression layers and skip scanning any excess layers. OfficeScan also cleans or deletes infected files within compressed files. For example, if the maximum is two layers and a compressed file to be scanned has six layers, OfficeScan scans two layers and skips the remaining four. If a compressed file contains security threats, OfficeScan cleans or deletes the file.


    OfficeScan treats Microsoft Office 2007 files in Office Open XML format as compressed files. Office Open XML, the file format for Office 2007 applications, uses ZIP compression technologies. If you want files created using these applications to be scanned for viruses/malware, you need to enable scanning of compressed files.

  • Scan OLE objects: When a file contains multiple Object Linking and Embedding (OLE) layers, OfficeScan scans the specified number of layers and ignores the remaining layers.

    All agents managed by the server check this setting during Manual Scan, Real-time Scan, Scheduled Scan, and Scan Now. Each layer is scanned for virus/malware and spyware/grayware.

    For example:

    The number of layers you specify is 2. Embedded within a file is a Microsoft Word document (first layer), within the Word document is a Microsoft Excel spreadsheet (second layer), and within the spreadsheet is an .exe file (third layer). OfficeScan will scan the Word document and Excel spreadsheet, and skip the .exe file.

    • Detect exploit code in OLE files: OLE Exploit Detection heuristically identifies malware by checking Microsoft Office files for exploit code.


      The specified number of layers is applicable to both Scan OLE objects and Detect exploit code options.

  • Enable IntelliTrap: Detects and removes virus/malware on compressed executable files. This option is available only for Real-time Scan.

    See IntelliTrap for details.

  • Enable CVE exploit scanning for files downloaded through web and email channels: Blocks processes that attempt to exploit known vulnerabilities in commercially available products based on the Common Vulnerabilities and Exposures (CVE) system. This option is available only for Real-time Scan.

  • Scan boot area: Scans the boot sector of the hard disk for virus/malware during Manual Scan, Scheduled Scan and Scan Now