ActiveAction

Different types of virus/malware require different scan actions. Customizing scan actions requires knowledge about virus/malware and can be a tedious task. The Security Agent uses ActiveAction to counter these issues.

ActiveAction is a set of pre-configured scan actions for viruses/malware. If you are not familiar with scan actions or if you are not sure which scan action is suitable for a certain type of virus/malware, Trend Micro recommends using ActiveAction.

Using ActiveAction provides the following benefits:

  • ActiveAction uses scan actions that are recommended by Trend Micro. You do not have to spend time configuring the scan actions.

  • Virus writers constantly change the way virus/malware attack endpoints. ActiveAction settings are updated to protect against the latest threats and the latest methods of virus/malware attacks.

The following table illustrates how ActiveAction handles each type of virus/malware.

Table 1. Trend Micro Recommended Scan Actions Against Viruses and Malware

Virus/Malware Type

Real-time Scan

Manual Scan/Scheduled Scan

First Action

Second Action

First Action

Second Action

Joke

Quarantine

Delete

Quarantine

Delete

Trojans

Quarantine

Delete

Quarantine

Delete

Virus

Clean

Quarantine

Clean

Quarantine

Test virus

Deny Access

N/A

N/A

N/A

Packer

Quarantine

N/A

Quarantine

N/A

Probable malware

Pass

N/A

Pass or user-configured action

N/A

Other malware

Clean

Quarantine

Clean

Quarantine

Note:
  • Some files are uncleanable.

  • ActiveAction is not available for spyware/grayware scan.

  • Future pattern files could update the default actions.

  • The Security Agent might take the "Clean" action on certain Trojan horse programs instead of the default action.