The McAfee scan detected on Dr.Web's quarantine. When an anti-virus or security program quarantines
a file by moving it into a virus vault (chest), that file is essentially disabled and prevented from causing any harm to your system. The quarantined file is safely held there and no longer a threat
until you take action to delete it. One reason for doing this is to prevent deletion of a crucial file that may have been flagged as a "false positive
" especially if the scanner uses heuristic analysis
technology. Heuristics is the ability of a scanning program to detect possible new variants of malware
before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected. If that is the case, then you can restore the file and add it to the exclusion or ignore list. Doing this also allows you to view and investigate the files while keeping them from harming your computer. Quarantine is just an added safety measure
. When the quarantined file is known to be malicious
, you can delete
it at any time.
Keep in mind, however, that if these files are left in quarantine, other scanning programs and security tools may flag them as a threat while in the quarantined area so don't be alarmed if you see such an alert as you just found out. Just delete the quarantined items and subsequent scans should no longer detect them.
Further a Potentially Unwanted Program
(PUP) is a very broad threat category that can include any number of different programs to include those which are benign as well as malicious.
I have not used Spybot S&D in ages but those findings appear to indicate encrypted zipped files not scanned in Spybots Recovery Feature
It is not unusal for an anti-virus or anti-malware scanner to be suspicious of some compressed
files because they have difficulty reading what is inside them. These kind of files often trigger alerts by security software using heuristic detection
because they are resistant to scanning (difficult to read) or they may even be ignored (not scanned). This resistance may also result in some scanners to stall (hang) on these particular types of files. Certain files in the System Volume Information Folder
like the Tracking.log which is created by the Distributed Link Tracking Service to store maintenance information have also been reported as a source causing some scanners to hang.