You can specify the action you want IWSVA to take whenever it detects
an Internet threat in inbound or outbound HTTP traffic.
Infected
files—Default is Clean.
Trend Micro recommends that you Clean virus-infected files. If the file
is corrupt or otherwise uncleanable, then only one of the actions listed
will be taken. Macro viruses will be automatically cleaned (that is, removed
from the host file).
Note: Only files infected with a virus
can be cleaned. Most threats now tend to be "uncleanable" such
as spyware, Trojans, phish, and worms.
Uncleanable
files—Default is Delete.
A large number of so-called "viruses" are, in fact, other types
of Internet threats. Because these types of malicious code do not "infect"
a file they cannot be cleaned. The whole file is bad; there is nothing
to clean. Trend Micro recommends that you quarantine or delete these "uncleanable"
files.
Password
protected—Default is Pass.
IWSVA cannot open or scan password-protected files. Rather than pass these
files through to the requesting client unscanned, Trend Micro recommends
that you quarantine them.
Macros—Default
is Pass. Choose Clean
to have IWSVA strip all macros from all files crossing the HTTP gateway,
typically in case of a macro virus outbreak, or Quarantine
to have IWSVA move all macro containing documents to the quarantine server.
Important: Macro settings are intended
to be temporary only—usually as a reaction to a sudden outbreak due to
a unknown macro virus. The default setting is Pass, and typically should
not be changed. IWSVA scans and cleans ordinary macro viruses using the
MacroTrap technology available as part of "infected" file scanning.