Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

“Passed a potential security risk” appears on the Virus/Malware Logs

    • Updated:
    • 12 Aug 2019
    • Product/Version:
    • Deep Security 10.0
    • Deep Security 9.0
    • OfficeScan 11.0
    • OfficeScan XG.All
    • Worry-Free Business Security Services 6.0
    • Worry-Free Business Security Services 6.6
    • Worry-Free Business Security Standard/Advanced 10.0
    • Platform:
    • Windows 2003 Compute Cluster Server
    • Windows 2003 Datacenter Server
    • Windows 2003 Datacenter Server Edition 64-bit
    • Windows 2003 Enterprise Server
    • Windows 2003 Home Server
    • Windows 2003 Small Business Server
    • Windows 2003 Standard Server Edition
    • Windows 2003 Standard Server Edition 64-bit
    • Windows 2003 Storage Server
    • Windows 2003 Web Server Edition
    • Windows 2008 Enterprise Server
    • Windows 2008 Standard Server Edition
    • Windows Vista 32-bit
    • Windows XP Home
Summary

The scan action “Passed a potential security risk” appears when the product detects a probable virus/malware while it is using ActiveAction.

activeaction

ActiveAction is a set of pre-configured scan actions that identifies virus/malware types and provides suggested actions according to how each type invades a computer system or environment. By default, "Pass" is the action for probable virus/malware. This means that due to aggressiveness of the detection, Security Solution will perform no action on the possibly infected file but instead records the virus/malware detection in the logs. The file stays where it is located.

Details
Public

Configure your product to take action on probable virus/malware.

  1. Log on to the OfficeScan management console.
  2. Go to Agents > Agent Management.
  3. In the Agent Tree, select the OfficeScan Server/Domain/Computer.
  4. Go to Settings > Scan Settingsand select the scan type.
    • Manual Scan Settings
    • Real-time Scan Settings
    • Scheduled Scan Settings
    • Scan Now Settings
  5. Go to Action tab.
  6. Under ActiveAction, put a check on "Customize action for probable virus/malware" and select the corresponding scan action.

    osce

  7. Alternatively, you can select "Use a specific scan action for each virus/malware type" and configure the scan action for probable malware.
  1. Log on to Worry-Free Business Security management console.
  2. Go to Devices.
  3. Select the group on the left panel and click Configure Policy.
  4. Click Antivirus/Anti-spyware and go to Action tab.
  5. Under ActiveAction put a check on "Set action for probable malware", and select the corresponding scan action.

    wfbs

  6. Alternatively, you can select "Customized action for the following detected threats", and configure the scan action for probable malware.
  1. Log on to the WFBS-SVC console.
  2. Go to the Configure Policy page and perform one of the following:

    • Classic Mode: Go to SECURITY AGENTS and select a group. Click the Menu icon (three vertical dots) > Configure Policy.
    • Advanced Mode: Go to POLICIES > Policy Management. Click Add or click an existing policy.
  3. In the Configure Policy page, click on the Windows icon.
  4. Click Scan Settings.

    Scan Settings

  5. Under Real-time Scan, Scheduled Scan and Manual Scan, click Configure Settings.
  6. Go to the Action tab.
  7. Under Virus/Malware, select Customized actions.
  8. Configure the scan action for Probable virus/malware and click OK.

    Probable malware

  1. Log on to Deep Security management console.
  2. Go to Policies > Common Objects > Other > Malware Scan Configurations.
  3. Select the scan configuration.
  4. Go to Advanced tab.
  5. Under Remediation Actions select Custom,
  6.  and configure the scan action for Possible Malware.

    depp security

 
All policies, where your modified scan configurations are assigned, will be affected.
Premium
Internal
Rating:
Category:
Troubleshoot; Remove a Malware / Virus
Solution Id:
1054588
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.