08-31-2009 01:40 PM
I'm pretty new to Trend's Antivirus Suite for Microsoft Exchange and this may be a stupid question. The real-time monitor tells me that it found X number of uncleanable viruses. Does that mean it quarantined the viruses but couldn't remove them or knows that there are viruses it couldn't remove and quarantine? Any feedback would be greatly appreciated. Thank you.
08-31-2009 04:50 PM
sorry, but will only support desktop(non server) products here. You may post your question on the Enterprise discussion board.
08-31-2009 05:05 PM - edited 08-31-2009 05:11 PM
For uncleanable viruses this means that the product was not able to take the recommended action against the detected malware on system which was specified on the virus patterns. There can also be a number of reason why the product was not able to successfully clean the detected malware on your exchange environment.
For such questions i would highly recommend for you to check our Knowledgebase. Currently, only desktop products are supported on this discussion board.
03-24-2010 06:51 AM
First, I recommend you to create a log or report, about the issue, using reports product´s feature.
With those info you could filter the antivirus´s behavior about the malware detected.
After know the especifics malwares, you may search about them on http://threatinfo.trendmicro.com , for more information about the relative solution.
Good Luck !
03-24-2010 09:15 PM
The answer you are looking for is that Trend Micro products, by default, will always attempt two actions on a virus. The first is Clean in most products, and the second would normally be Quarantine or Delete, depending on your configuration.
In the old days, when viruses were written, they were generally appended to the end of an otherwise good file. This made it possible, back then, to surgically remove the virus if you will, by chopping off the bad part, leaving the original file intact, and thereby cleaning the file. In today's world, this really doesn't happen anymore, and the entire file *IS* the virus, which usually makes cleaning not a feasible option.
Generally speaking, if you see uncleanable viruses in the logs, real-time monitor, etc. you shouldn't be too concerned as the second action will be taken (Quarantine, Delete, etc.).