ActiveAction
Different types of virus/malware require different scan actions. Customizing scan actions requires knowledge about virus/malware and can be a tedious task. The Security Agent uses ActiveAction to counter these issues.
ActiveAction is a set of pre-configured scan actions for viruses/malware. If you are not familiar with scan actions or if you are not sure which scan action is suitable for a certain type of virus/malware, Trend Micro recommends using ActiveAction.
Using ActiveAction provides the following benefits:
-
ActiveAction uses scan actions that are recommended by Trend Micro. You do not have to spend time configuring the scan actions.
-
Virus writers constantly change the way virus/malware attack endpoints. ActiveAction settings are updated to protect against the latest threats and the latest methods of virus/malware attacks.
The following table illustrates how ActiveAction handles each type of virus/malware.
|
Virus/Malware Type |
Real-time Scan |
Manual Scan/Scheduled Scan |
||
|---|---|---|---|---|
|
First Action |
Second Action |
First Action |
Second Action |
|
|
CVE exploit |
Quarantine |
N/A |
N/A |
N/A |
|
Joke |
Quarantine |
Delete |
Quarantine |
Delete |
|
Trojans |
Quarantine |
Delete |
Quarantine |
Delete |
|
Virus |
Clean |
Quarantine |
Clean |
Quarantine |
|
Test virus |
Deny Access |
N/A |
N/A |
N/A |
|
Packer |
Quarantine |
N/A |
Quarantine |
N/A |
|
Probable malware |
Pass |
N/A |
Pass or user-configured action |
N/A |
|
Other malware |
Clean |
Quarantine |
Clean |
Quarantine |
-
Some files are uncleanable.
-
ActiveAction is not available for spyware/grayware scan.
-
Future pattern files could update the default actions.
-
The Security Agent might take the "Clean" action on certain Trojan horse programs instead of the default action.
