Real-time Scan: Scan Actions Parent topic

Select the scan actions:
  • ActiveAction: Select to use a set of pre-configured scan actions for viruses/malware
    For details, see ActiveAction.
    • Probable malware: Select and specify the action that the OfficeScan agent takes on probable malware threats
  • Custom action: Specify the action that the OfficeScan agent takes on specific security threats

    Custom Scan Actions

    Action
    Description
    Delete
    Deletes the infected file.
    Quarantine
    Renames and then moves the infected file to a temporary quarantine directory on the endpoint.
    The OfficeScan agent then sends quarantined files to the designated quarantine directory, which is on the OfficeScan server by default.
    The OfficeScan agent encrypts quarantined files sent to this directory.
    Clean
    Cleans the infected file before allowing full access to the file.
    If the file is uncleanable, the OfficeScan agent performs a second action, which can be one of the following actions: Quarantine, Delete, Rename, and Pass.
    This action can be performed on all types of security threats except probable virus/malware.
    Note
    Note
    Some files are uncleanable. For details, see Uncleanable Files.
    Rename
    Changes the infected file's extension to vir. Users cannot open the renamed file initially, but can do so if they associate the file with a certain application.
    The virus/malware may execute when opening the renamed infected file.
    Deny Access
    When the OfficeScan agent detects an attempt to open or execute an infected file, it immediately blocks the operation.
    Users can manually delete the infected file.
  • Display a notification when virus/malware is detected: Select to display a notification informing the OfficeScan agent user when a malware detection occurs