Specifications

Trend Micro™ OfficeScan™ 10 Administrator’s Guide

5-40

Spyware/Grayware Scan Actions

The scan action OfficeScan performs depends on the scan type that detected the

spyware/grayware. While specific actions can be configured for each virus/malware

type, only one action can be configured for all types of spyware/grayware (for

information on the different type of spyware/grayware, see Spyware and Grayware on page

5-4). For example, when OfficeScan detects any type of spyware/grayware during

Manual Scan (scan type), it cleans (action) the affected system resources.

Scan Actions

The following are the actions OfficeScan can perform against spyware/grayware:

Clean

OfficeScan terminates processes or delete registries, files, cookies, and shortcuts

After cleaning spyware/grayware, OfficeScan clients back up spyware/grayware data,

which you can restore if you consider the spyware/grayware safe to access. See

Spyware/Grayware Restore on page 5-42 for details.

Pass

OfficeScan performs no action on detected spyware/grayware components but records

the spyware/grayware detection in the logs. This action can only be performed during

Manual Scan, Scheduled Scan, and Scan Now. During Real-time Scan, the action is

"Deny Access".

OfficeScan will not perform any action if the detected spyware/grayware is included in

the approved list. See Spyware/Grayware Approved List on page 5-41 for details.

Deny Access

OfficeScan denies access (copy, open) to the detected spyware/grayware components.

This action can only be performed during Real-time Scan. During Manual Scan,

Scheduled Scan, and Scan Now, the action is "Pass".

Display a Notification Message When Spyware/Grayware is Detected

When OfficeScan detects spyware/grayware during Real-time Scan and Scheduled Scan,

it can display a notification message to inform the user about the detection.

To modify the notification message, go to Notifications > Client User Notifications

> Spyware/Grayware tab.