Views:

Spyware is also known as grayware in Trend Micro's general classification for applications that have annoying, undesirable, or undisclosed behavior.

Grayware applications do not fall in any of the major threat categories (i.e. virus or Trojan horse) as they are subject to system functionality, as well as user debate. Some items in the grayware category are linked to activities caused by malicious spyware.

Spyware can be acquired through almost any medium, including emails, freeware, shareware, and Internet surfing. More often, spyware grays out the boundary between legal and criminal activity, thus, the term "malicious".

Malicious spyware includes the threats that use Trojans, rootkits, backdoors, and keyloggers, and intends to harm or steal information. Majority of these applications include Adware, data miners, such as cookies, hacking tools, joke programs, keyloggers, password-cracking applications, remote access programs, and spyware.

Spyware attacks systems in various ways. These spyware infection methods include drive-by-downloads, useful free downloads, and spyware bundled into P2P file sharing applications. Spyware enters and infects a system by taking advantage of social engineering, vulnerabilities, and security issues with Microsoft IE and other misused Windows features.

Scan results are displayed in the spyware/grayware logs.

Spyware/Grayware logs

Successful scan action

Scan action is successful when the following first level results display:

Successful, no action required.

  • Cleaned: OfficeScan terminated processes or deleted registries, files, cookies, and shortcuts.
  • Passed: OfficeScan did not perform any action but logged the spyware/grayware detection for assessment.
  • Access denied: OfficeScan denied access (copy or open) to the detected spyware/grayware components.

Unsuccessful scan action

Scan action is unsuccessful or user action is required when the following first level results appear:

Further action required.

The second level results will have at least one of the following messages:

  • Spyware/Grayware unsafe to clean.

    This message displays if the Spyware Scan Engine attempts to clean any single folder and the criteria below are met. Contact your support provider for assistance.

    • Items to clean exceed 250MB.
    • The operating system uses the files in the folder. The folder may also be necessary for normal system operation.
    • The folder is a root directory such as C: or F:.

  • Spyware/Grayware scan stopped manually. Please perform a complete scan.

    A user stopped scanning before it was completed. To fix this, run a manual scan and wait for the scan to finish.

  • Spyware/Grayware cleaned, restart required. Please restart the computer.

    OfficeScan cleaned the spyware/grayware components, but computer restart is required to complete the task. Restart the computer immediately.

  • Spyware/Grayware scan result unidentified. Please contact Trend Micro Technical Support.

    A new version of Spyware Scan Engine provides a new scan result that OfficeScan has not been configured to handle. Contact your support provider for help in determining the new scan result.

Keywords: spyware and scan action results,spyware scanaction ,spyware scan action