If you need to recover an item, such as a false positive, from the quarantine, use the fsdumpqrt tool for this. It helps you to get sample files from the quarantine.
The tool reads all the files in the AV quarantine, unpacks them from the quarantine and dumps them into an encrypted ZIP file named "malware_samples.zip". The default password for the encrypted zip file is "infected", and you can change it if you want to.
To recover quarantined items with fsdumpqrt:
cd c:\temp\and press Enter.
fsdumpqrt.exe -d c:\temp\.
https:F-Secure license terms are shown.
Note: You have to scroll all the way to the end of the license terms before you can accept them.
You can now find the "malware_samples.zip" file with the default password (infected) in the destination folder that you specified in step 4.
Tip: Running the fsdumpqrt.exe tool at command prompt without additional command line parameters will print out a short tool description and the extra parameters for using the tool.
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support agents and get answers to your questions