The scan action OfficeScan performs depends on the virus/malware type and the scan type that detected the virus/malware. The scan types are Real-time Scan, Manual Scan and Scheduled Scan. For example, when OfficeScan detects a Trojan horse program (virus/malware type) during Manual Scan (scan type), it cleans (action) the infected file.
If your OfficeScan administrator grants you the privilege to configure scan actions, you can choose from the following scan configuration options:
Specify the scan action for each virus/malware type.
Specify one scan action for all virus/malware types.
Use ActiveAction.
The scan actions are as follows: (See scan results for details on how OfficeScan logs each of the scan actions it performs.)
|
Scan Action |
Description |
|
OfficeScan deletes the infected file. | |
|
OfficeScan renames and then moves the infected file to a temporary quarantine directory on the client computer, which is found in {OfficeScan client folder}\Suspect. The OfficeScan client then sends quarantined files to the designated quarantine directory, which the OfficeScan administrator specifies. | |
|
OfficeScan cleans the infected file before allowing full access to the file. If the file is uncleanable, OfficeScan performs a second action, which can be one of the following actions: Quarantine, Delete, Rename, Pass. If you have the privilege to configure scan actions, you can specify the second action by going to Settings > {Scan Type}. Select Custom action and then click Edit.
| |
|
OfficeScan changes the infected file's extension to "vir". Users cannot open the renamed file initially, but can do so if they associate the file with a certain application.
| |
|
OfficeScan performs no action on the infected file but records the virus/malware detection in the logs. The file stays where it is located. | |
|
This scan action can only be performed during Real-time Scan. When OfficeScan detects an attempt to open or execute an infected file, it immediately blocks the operation. You can manually delete the infected file. |
The scan action OfficeScan performs depends on the scan type that detected the spyware/grayware. The scan types are Real-time Scan, Manual Scan and Scheduled Scan.
OfficeScan performs the specified action for all types of spyware/grayware. For example, when OfficeScan detects any type of spyware/grayware during Manual Scan (scan type), it cleans (action) the affected system resources.
The scan actions are as follows: (See scan results for details on how OfficeScan logs each of the scan actions it performs.)
|
Scan Action |
Description |
|
OfficeScan terminates processes or delete registries, files, cookies and shortcuts. | |
|
OfficeScan performs no action on detected spyware/grayware components but records the spyware/grayware detection in the logs. | |
|
OfficeScan denies access (copy, open) to the detected spyware/grayware components. |