Malware quarantine traces removal



When F-Secure quarantines the malware, will it remove all its traces or only the original file?



Best Answer

  • MJ-perComp Posts: 1,098 Superuser
    Accepted Answer

    "Removing all traces" would mean to exactly know the malware, to know what it did and what it is able to do. Also many malware load new modules that could leave a new trace.

    This could be possible for known malware but requires deep analysis of the samples. Unfortunately this can only be done for a fraction of the samples submitted each day.

    Also, in many cases "suspicious" binaries get quarantined. If a registry entry points to that binary, that will be quarantined as well.

    A deep analysis can be requested via your partner or support.

    Depending on whether and how deeply a competitor analysed the same binary, their security solution might still detect and alert on other traces, but would certainly fail to sanitise the binary, as it is already in F-Secure's quarantine.


    So the short answer is "F-Secure will quarantine as much as known, ensuring that the file in question can no longer be started".

    If you are in doubt about a specific sample, please escalate to your partner or support.





This discussion has been closed.