Spyware/Grayware Scan Actions

The scan action Apex One performs depends on the scan type that detected the spyware/grayware. While specific actions can be configured for each virus/malware type, only one action can be configured for all types of spyware/grayware. For example, when Apex One detects any type of spyware/grayware during Manual Scan (scan type), it cleans (action) the affected system resources.

For information on the different types of spyware/grayware, see Spyware and Grayware.


The spyware/grayware scan actions are configurable through the web console only. The Security Agent console does not provide access to these settings.

The following table lists the actions Apex One can perform against spyware/grayware.

Table 1. Spyware/Grayware Scan Actions




Apex One terminates processes or delete registries, files, cookies, and shortcuts.

After cleaning spyware/grayware, Security Agents back up spyware/grayware data, which you can restore if you consider the spyware/grayware safe to access.

See Restoring Spyware/Grayware for details.


Apex One performs no action on detected spyware/grayware components but records the spyware/grayware detection in the logs. This action can only be performed during Manual Scan, Scheduled Scan, and Scan Now. During Real-time Scan, the action is "Deny Access".

Apex One will not perform any action if the detected spyware/grayware is included in the approved list.

See Spyware/Grayware Approved List for details.

Deny Access

Apex One denies access (copy, open) to the detected spyware/grayware components. This action can only be performed during Real-time Scan. During Manual Scan, Scheduled Scan, and Scan Now, the action is "Pass".