Symantec 10551441 Administration Guide - Page 174
Defining Symantec AntiVirus actions for handling suspicious files
![]() |
UPC - 037648270472
View all Symantec 10551441 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 174 highlights
174 Responding to virus outbreaks Preparing for a virus outbreak Defining Symantec AntiVirus actions for handling suspicious files By default, Symantec AntiVirus performs the following actions when it identifies a suspicious file: ■ Symantec AntiVirus attempts to repair the file. ■ If the file cannot be repaired with the current set of virus definitions files, the infected file is moved to the Quarantine on the local computer. In addition, the Symantec AntiVirus client makes a log entry of the threat event in its log. The Symantec AntiVirus client data is forwarded to a primary server. You can view log data from the Symantec System Center console. You can perform the following additional actions to complete your virus handling strategy: ■ Define different repair actions based on virus type. For example, you can have Symantec AntiVirus automatically fix macro viruses, but ask what action to take when a program file virus is detected. ■ Assign a backup action for files that Symantec AntiVirus cannot repair, such as deleting the infected file. ■ Receive virus alerts, such as a page or email message, if you are using AMS2. ■ Configure the local Quarantine to forward infected files to the Central Quarantine. You can configure the Central Quarantine to attempt a repair based on its set of virus definitions files (which may be more up-to-date than the definitions on the local computer), or automatically forward samples of infected files to Symantec Security Response for analysis. See "About the Alert Management System" on page 61. For more information, see the Symantec Central Quarantine Administrator's Guide. Automatically purging suspicious files from local Quarantines When Symantec AntiVirus scans a suspicious file, it places the file in the local Quarantine folder on the affected computer. The Quarantine purge feature automatically deletes files in the Quarantine that exceed a specified age. Registry settings for Quarantine purge are located in this registry key: \\HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\ CurrentVersion\Quarantine
![](/manual_guide/products/symantec-10551441-administration-guide-58c1ab2/174.png)