Views:

Procedure

  1. In the Virus/Malware section, configure the required settings.
    1. Select the type of action that the Trend Vision One Endpoint Security agent takes after detecting a security threat.
      • Use ActiveAction: Select to use a set of pre-configured scan actions for viruses/malware
        For more information, see ActiveAction.
        • Customize action for probable virus/malware: Select and specify the action that the Trend Vision One Endpoint Security agent takes on probable malware threats
      • Use the same action for all virus/malware types: Specify the action that the Trend Vision One Endpoint Security agent takes on all malware threats
      • Use a specific action for each virus/malware type: Specify the action that the Trend Vision One Endpoint Security agent takes on specific security threats
        For more information, see Custom Scan Actions.
    2. Select Back up files before cleaning to create an encrypted copy of the infected file on the endpoint in the <Agent installation folder>\Backup folder.
      Creating a backup copy of the file allows you to restore the original version of the file if necessary.
    3. Specify the location of the quarantine directory.
      • Quarantine to the Security Agent's managing server: The Trend Vision One Endpoint Security agent sends an encrypted copy of all quarantined files to the managing Apex One server
      • Quarantine directory: The Trend Vision One Endpoint Security agent sends an encrypted copy of all quarantined files to the specified location
      For more information, see Quarantine Directory.
    4. In the Damage Cleanup Services section, configure the following:
      • Cleanup type
        • Standard cleanup: The Trend Vision One Endpoint Security agent performs any of the following actions during standard cleanup:
          • Detects and removes live Trojans
          • Kills processes that Trojans create
          • Repairs system files that Trojans modify
          • Deletes files and applications that Trojans drop
        • Advanced cleanup: In addition to the standard cleanup actions, the Trend Vision One Endpoint Security agent stops activities by rogue security software (also known as FakeAV) and certain rootkit variants.
      • Run cleanup when probable virus/malware is detected: Performs the configured cleanup type on probable malware threats
        Note
        Note
        You can only select this option if the action on probable virus/malware is not Pass or Deny Access.
  2. In the Spyware/Grayware section, select the action the Trend Vision One Endpoint Security agent takes after detecting spyware or grayware programs.
    • Clean: Terminates all related processes and deletes associated registry values, files, cookies and shortcuts
      Note
      Note
      After cleaning spyware/grayware, Trend Vision One Endpoint Security agents back up spyware/grayware data, which you can restore if you consider the spyware/grayware safe to access.
    • Pass: Logs the detection but allows the program to execute