It would also be helpful if you can advise the specific file(s) name associated with the malware threat(s) detection and if so, where it is (was) located (full file path) at on your system.
Each security vendor uses their own naming conventions to identify various types of malware
so it's difficult to determine exactly what has been detected or the nature of the infection without knowing more information about the actually file(s) involved. Names with Generic or Patched are a very broad category. See Understanding virus names
When an anti-virus or security program quarantines
a file and moves it into a virus vault (chest) or a dedicated Quarantine folder, that file is safely held there and no longer a threat
. The file is essentially disabled and prevented from causing any harm to your system through proprietary security routines which may copy, rename, encrypt and password protect the file as part of the moving process. Quarantine is just an added safety measure
which allows you to view and investigate the files while keeping them from harming your computer.
One reason for doing this is to prevent deletion of a legitimate file file that may have been flagged as a "false positive
" especially if the scanner uses heuristic analysis
technology. Heuristics is the ability of a scanning program to detect possible new variants of malware
before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected. If that is the case, then you can restore the file and add it to the exclusion or ignore list. When the quarantined file is known to be malicious
, you can delete
it at any time by launching the program which removed it, going to the Quarantine tab, and choosing the option to delete.
Keep in mind, however, that if these files are left in quarantine, other scanning programs and security tools may flag them as a threat while in the quarantined area so don't be alarmed if you see such an alert. Just delete the quarantined items after confirming they are malware and subsequent scans should no longer detect them.
If you're not sure about the file placed in quarantine or suspect it may be a "false detection
", check your anti-virus user manual or look for documentation, FAQs on the vendor's web site. Submitting file samples to the vendor for further analysis allows the lab Techs to quickly investigate and confirm if the detection is actually malware. Some security programs have built-in options for submitting a file directly from the quarantined area to the vendor's lab for analysis. Most user guides will explain how to do that. Other anti-virus solutions automatically submit files or provide an alert to do so if you have checked the option to "Submit for analysis
in the program's settings.
Anytime you come across a suspicious file for which you cannot find any information about or you want a second opinion, submit it to one of the following online services that analyzes suspicious files:
In the "File to upload & scan
" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.