1 Reply Latest reply on Mar 14, 2012 1:22 PM by rmetzger

    quarantine files

      For what quarantine files are used for? Can i delete thises files because these files take a lot disk space.

       

      on 3/14/12 9:25:00 AM CDT
        • 1. Re: quarantine files
          rmetzger

          Hi amk,

           

          Quoting vse_880_product_guide_en-us.pdf:

          pg. 75

           

          "Quarantined items

           

          Items that are detected as threats, are cleaned or deleted. Plus, a copy of the item is converted

          to a non-executable format and saved in the Quarantine folder. This allows you to perform

          processes on the quarantined items after downloading a later version of the DAT, that possibly

          contains information that can clean the threat.

          These additional processes include:

          • Restore.

          • Rescan.

          • Delete.

          • Check for false positive.

          • View detection properties.

           

          NOTE: Quarantined items can include multiple types of scanned objects. These objects include

          files, cookies, registries, or anything VirusScan Enterprise scans for malware."

           

          Also, with the right tools, one can extract the individual files in the Quarantine folder for submission to VirusTotal or McAfee, for further analysis.

           

          There have been times when 'False Positives' have occurred on critical OS or application files. By leaving them in the Quarantine folder for some 'time' allows for a more graceful recovery should the false positive files need to be recovered.

           

          Hope this helps,

          Ron Metzger