Im using ESM 10.2, how can I create an actions(command) to invoke deletion of the detected trojan/malware? via ESM
You can use the remote command feature. You will probably need a tools server/jumpbox to execute the remote command on. Remote Command can use SSH and run your script on your tools server.
Use ePO tagging. lots of docmentation available. Create an Alarm, associate alarm to ePO Tagging, that will automate for you.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center