Default ActiveAction Behaviors
Virus/Malware Type |
Real-time Scan - First Action |
Real-time Scan - Second Action |
On-Demand Scan - First Action |
On-Demand Scan - Second Action |
---|---|---|---|---|
Joke program |
*Quarantine |
N/A |
Quarantine |
N/A |
Trojan horse |
Quarantine |
N/A |
Quarantine |
N/A |
Virus |
Clean |
Quarantine |
Clean |
Quarantine |
Test virus |
Deny Access |
N/A |
Pass |
N/A |
Packer |
Quarantine |
N/A |
Quarantine |
N/A |
Others |
Clean |
Quarantine |
Clean |
Quarantine |
Probable virus/malware |
Pass |
N/A |
Pass |
N/A |
* CPM renames and then moves infected files to the following, non-configurable, directory on the client’s computer:
C:\Program Files\Trend Micro\Core Protection Module\Quarantine
If you need to access any of the quarantined files, you can access the directory using system administrator credentials and restore it using the VSEncrpyt tool.