Views:
Different types of virus/malware require different scan actions. Customizing scan actions requires knowledge about virus/malware and can be a tedious task. The Trend Vision One Endpoint Security agent uses ActiveAction to counter these issues.
ActiveAction is a set of pre-configured scan actions for viruses/malware. If you are not familiar with scan actions or if you are not sure which scan action is suitable for a certain type of virus/malware, Trend Micro recommends using ActiveAction.
Using ActiveAction provides the following benefits:
  • ActiveAction uses scan actions that are recommended by Trend Micro. You do not have to spend time configuring the scan actions.
  • Virus writers constantly change the way virus/malware attack endpoints. ActiveAction settings are updated to protect against the latest threats and the latest methods of virus/malware attacks.
The following table illustrates how ActiveAction handles each type of virus/malware.

Trend Micro Recommended Scan Actions Against Viruses and Malware

Virus/Malware Type
Real-time Scan
Manual Scan/Scheduled Scan
First Action
Second Action
First Action
Second Action
CVE exploit
Pass
N/A
N/A
N/A
Joke
Quarantine
N/A
Quarantine
N/A
Trojans
Quarantine
N/A
Quarantine
N/A
Virus
Clean
Quarantine
Clean
Quarantine
Test virus
Deny Access
N/A
Pass
N/A
Packer
Quarantine
N/A
Quarantine
N/A
Others
Clean
Quarantine
Clean
Quarantine
Probable malware
Pass
N/A
Pass or user-configured action
N/A
Note
Note
  • For probable virus/malware, the default action is Deny Access during Real-time Scan and Pass during Manual Scan and Scheduled Scan. If these are not your preferred actions, you can change them to Quarantine, Delete, or Rename.
  • Some files are uncleanable.
  • ActiveAction is not available for spyware/grayware scan.