Spyware/Grayware Scan Actions

The scan action OfficeScan performs depends on the scan type that detected the spyware/grayware. While specific actions can be configured for each virus/malware type, only one action can be configured for all types of spyware/grayware. For example, when OfficeScan detects any type of spyware/grayware during Manual Scan (scan type), it cleans (action) the affected system resources.

The following are the actions OfficeScan can perform against spyware/grayware:

Table 1. Spyware/Grayware Scan Actions




OfficeScan terminates processes or delete registries, files, cookies, and shortcuts.

After cleaning spyware/grayware, OfficeScan clients back up spyware/grayware data, which you can restore if you consider the spyware/grayware safe to access.


OfficeScan performs no action on detected spyware/grayware components but records the spyware/grayware detection in the logs. This action can only be performed during Manual Scan, Scheduled Scan, and Scan Now. During Real-time Scan, the action is "Deny Access".

OfficeScan will not perform any action if the detected spyware/grayware is included in the approved list.

Deny Access

OfficeScan denies access (copy, open) to the detected spyware/grayware components. This action can only be performed during Real-time Scan. During Manual Scan, Scheduled Scan, and Scan Now, the action is "Pass".