Scan results display in the virus/malware logs. Take the necessary steps if virus/malware scan action was unsuccessful.
1. Scan action was successful when the following scan results display.
Scan Result |
Explanation |
Deleted |
|
Quarantined |
|
Cleaned |
An infected file was cleaned. |
Renamed |
|
Access denied |
|
Passed |
|
Passed a potential security risk |
This scan result only displays when OfficeScan detects "probable virus/malware". OfficeScan automatically uses Pass as the scan action when it detects probable virus/malware. Refer to the Trend MicroVirus Encyclopedia for information about probable virus/malware and to submit suspicious files to Trend Micro for analysis. |
2. Scan action was unsuccessful when the following scan results display.
Scan Result |
Explanation |
Unable to clean or quarantine the file.
Unable to clean or delete the file.
Unable to clean or rename the file. |
Explanation: Clean is the first action. Quarantine/Delete/Rename is the second action, and both actions are unsuccessful. Solution: Refer to the following scan results below for solutions:
|
Unable to quarantine the file.
Unable to rename the file.
|
Explanation 1: The infected file may be locked by another application, is executing, or is on a CD. OfficeScan will quarantine/rename the file after the application releases the file or after it has been executed. Solution: For infected files on a CD, consider not using the CD as the virus may infect other computers on the network.
Explanation 2: The infected file is in the Temporary Internet Files folder of the client computer. Since the computer downloads files while you are browsing the Web, the Web browser may have locked the infected file. When the Web browser releases the file, OfficeScan will quarantine/rename the file. Solution: None |
Unable to delete the file. |
Explanation 1: The infected file may be contained in a compressed file and the Clean/Delete infected files within compressed files setting in Networked Computers > Global Client Settings is disabled. Solution: Enable the Clean/Delete infected files within compressed files option. When enabled, OfficeScan decompresses a compressed file, cleans/deletes infected files within the compressed file, and then re-compresses the file.
Explanation 2: The infected file may be locked by another application, is executing, or is on a CD. OfficeScan will delete the file after the application releases the file or after it has been executed. Solution: For infected files on a CD, consider not using the CD as the virus may infect other computers on the network.
Explanation 3: The infected file is in the Temporary Internet Files folder of the client computer. Since the computer downloads files while you are browsing the Web, the Web browser may have locked the infected file. When the Web browser releases the file, OfficeScan will delete the file. Solution: None |
Unable to clean the file. |
Explanation 1: The infected file may be contained in a compressed file and the Clean/Delete infected files within compressed files setting in Networked Computers > Global Client Settings is disabled. Solution: Enable the Clean/Delete infected files within compressed files option. When enabled, OfficeScan decompresses a compressed file, cleans/deletes infected files within the compressed file, and then re-compresses the file.
Explanation 2: The infected file is in the Temporary Internet Files folder of the client computer. Since the computer downloads files while you are browsing the Web, the Web browser may have locked the infected file. When the Web browser releases the file, OfficeScan will clean the file. Solution: None
Explanation 3: The Virus Scan Engine does not clean the following files:
Solution: OfficeScan uses the Virus Cleanup Engine and Virus Cleanup Template to remove Trojans.
Solution: Trend Micro recommends deleting worms.
Solution: Remove the write-protection to allow OfficeScan to clean the file.
Solution: Remove the password protection for OfficeScan to clean these files.
Solution: If OfficeScan successfully cleans the infected file, you do not need to keep the backup copy. If your system functions normally, you may delete the backup file.
Solution: Delete infected files in the Recycle Bin. MORE >> For computers running Windows 2000/XP/Server 2003 with NTFS File System:
cd \ cd recycled del *.* /S The last command deletes all files in your Recycle Bin.
For computers running other Operating Systems (or NT platforms without NTFS):
cd \ cd recycled del *.* /S The last command deletes all files in your Recycle Bin.
Solution: Delete infected files in the Windows Temp folder. MORE >> For computers running Windows 2000/XP/Server 2003 with NTFS File System:
cd temp attrib -h del *.* /S The last command deletes all files in the Windows Temp folder.
For computers running other operating systems (or those without NTFS):
cd temp attrib –h del *.* /S The last command deletes all files in your Windows Temp folder.
Delete infected files in the Internet Explorer temporary folder. MORE >> For computers running Windows 2000/XP/Server 2003 with NTFS File System:
cd tempor~1 attrib -h del *.* /S The last command deletes all files in your Internet Explorer temporary folder.
For computers running other operating systems (or those without NTFS):
cd tempor~1 attrib –h del *.* /S The last command deletes all files in your Internet Explorer temporary folder.
|
Scan results display in the spyware/grayware logs. Take the necessary steps if spyware/grayware scan requires user action.
1. Scan action was successful when the following scan results display.
Scan Result |
Explanation |
The first level result is "Successful, no action required". |
The second level results are as follows:
|
2. Scan action was unsuccessful or user action is required when the following scan results display.
Scan Result |
Explanation |
The first level result is "Further action required". |
The second level results will have at least one of the following messages:
|