Views:

Procedure

  1. In the Virus/Malware section, configure the required settings.
    1. Select the type of action that the Security Agent takes after detecting a security threat.
      • Use ActiveAction: Select to use a set of pre-configured scan actions for viruses/malware
        For more information, see ActiveAction.
        • Customize action for probable virus/malware: Select and specify the action that the Security Agent takes on probable malware threats
      • Use the same action for all virus/malware types: Specify the action that the Security Agent takes on all malware threats
      • Use a specific action for each virus/malware type: Specify the action that the Security Agent takes on specific security threats
        For more information, see Custom Scan Actions.
    2. Select the types of notification that display to end users.
      • Display a notification when virus/malware is detected: Select to display a notification informing the Security Agent user when a malware detection occurs
      • Display a notification when probable virus/malware is detected: Select to display a notification informing the Security Agent user when a probable malware detection occurs
    3. Select Back up files before cleaning to create an encrypted copy of the infected file on the endpoint in the <Agent installation folder>\Backup folder.
      Creating a backup copy of the file allows you to restore the original version of the file if necessary.
    4. Specify the location of the quarantine directory.
      • Quarantine to the Security Agent's managing server: The Security Agent sends an encrypted copy of all quarantined files to the managing Apex One server
      • Quarantine directory: The Security Agent sends an encrypted copy of all quarantined files to the specified location
      For more information, see Quarantine Directory.
    5. In the Damage Cleanup Services section, configure the following:
      • Cleanup type
        • Standard cleanup: The Security Agent performs any of the following actions during standard cleanup:
          • Detects and removes live Trojans
          • Kills processes that Trojans create
          • Repairs system files that Trojans modify
          • Deletes files and applications that Trojans drop
        • Advanced cleanup: In addition to the standard cleanup actions, the Security Agent stops activities by rogue security software (also known as FakeAV) and certain rootkit variants.
      • Run cleanup when probable virus/malware is detected: Performs the configured cleanup type on probable malware threats
        Note
        Note
        You can only select this option if the action on probable virus/malware is not Pass or Deny Access.
  2. In the Spyware/Grayware section, select the action the Security Agent takes after detecting spyware or grayware programs.
    • Clean: Terminates all related processes and deletes associated registry values, files, cookies and shortcuts
      Note
      Note
      After cleaning spyware/grayware, Security Agents back up spyware/grayware data, which you can restore if you consider the spyware/grayware safe to access.
    • Pass: Logs the detection but allows the program to execute
    • Display a notification on endpoints when spyware/grayware is detected: Select to display a notification informing the Security Agent user when a spyware/grayware detection occurs