I am not to sure how to deal with quarantined items
When an anti-virus or security program
quarantines a file and moves it into a virus vault (chest) or a dedicated Quarantine folder, that file is
safely held there and no longer a threat. The file is essentially disabled and prevented from causing any harm to your system through proprietary security routines which may copy, rename, encrypt and password protect the file as part of the moving process. Quarantine is just
an added safety measure which allows you to view and investigate the files while keeping them from harming your computer.
One reason for doing this is to prevent deletion of a legitimate file file that may have been flagged as a "
false positive" especially if the scanner uses
heuristic analysis technology. Heuristics is the ability of a scanning program to detect
possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected. If that is the case, then you can restore the file and add it to the exclusion or ignore list. When the quarantined file is
known to be malicious, you can
delete it at any time by launching the program which removed it, going to the Quarantine tab, and choosing the option to delete.
If you're not sure about the file placed in quarantine or suspect it may be a "
false detection", check your anti-virus user manual or look for documentation, FAQs on the vendor's web site. Some security programs have built-in options for submitting a file directly from the quarantined area to the vendor's lab for analysis. Most user guides will explain how to do that. Other anti-virus solutions automatically submit files or provide an alert to do so if you have checked the option to "
Submit for analysis in the program's settings.
Anytime you come across a suspicious file for which you cannot find any information about or you want a second opinion, submit it to one of the following online services that analyzes suspicious files:
In the "
File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
Other resources:
Keep in mind, however, that if these files are left in quarantine, other scanning programs and security tools may flag them as a threat while in the quarantined area so don't be alarmed if you see such an alert. Just delete the quarantined items after confirming they are malware and subsequent scans should no longer detect them.