There are certain situations when a detected file is deemed as infected and automated remediation procedures failed. Usually, the procedure is Quarantine first and ask question later.
There could be several reasons why the Malware engine reported a file as Infected
- The detected file is in an old quarantine folder of the previous Security solution.
- The detected file is in a cloud sync folder( Dropbox, Box, OneDrive etc..) and the engine does not have permission to extract the file from there.
- The detected file is in a protected archive from an application.
For this situation, the best course of action is to exclude the folders where the infected file was detected.
- The path of the detected file is written in the expanded threat dialogue in the Management Console or from the e-mail report.
If you know that the detected file is not needed anymore (because it is an old quarantine folder) you can delete it manually.
In case you have questions or the steps above did not help, please get in touch with us by creating a ticket for Support.