Hi Peter,

sorry, but will only support desktop(non server) products here. You may post your question on the Enterprise discussion board.

Hello Peter,

For uncleanable viruses this means that the product was not able to take the recommended action against the detected malware on system which was specified on the virus patterns. There can also be a number of reason why the product was not able to successfully clean the detected malware on your exchange environment.

For such questions i would highly recommend for you to check our Knowledgebase. Currently, only desktop products are supported on this discussion board.

http://esupport.trendmicro.com/default.aspx

Thanks

~Rex

I appreciate the feedback guys.  I’ll post on the enterprise discussion board.  Thank you.

Hi Peter,

First, I recommend you to create a log or report, about the issue, using reports product´s feature.

With those info you could filter the antivirus´s behavior about the malware detected.

After know the especifics malwares, you may search about them on http://threatinfo.trendmicro.com , for more information about the relative solution.

Good Luck ! 

Peter,

The answer you are looking for is that Trend Micro products, by default, will always attempt two actions on a virus.  The first is Clean in most products, and the second would normally be Quarantine or Delete, depending on your configuration.

In the old days, when viruses were written, they were generally appended to the end of an otherwise good file.  This made it possible, back then, to surgically remove the virus if you will, by chopping off the bad part, leaving the original file intact, and thereby cleaning the file.  In today's world, this really doesn't happen anymore, and the entire file *IS* the virus, which usually makes cleaning not a feasible option.

Generally speaking, if you see uncleanable viruses in the logs, real-time monitor, etc. you shouldn't be too concerned as the second action will be taken (Quarantine, Delete, etc.).

Ryan