To view quarantined files:
- On the Malware Protection tab, click Threats Detected.
This option is available under AntiVirus Protection and Cloud Based Malware Protection. You can also click Zero-Day on the Sandbox Detection tab.
You can view the original file location, virus name, and logs, and submit the suspicious file to FortiGuard. You cannot restore or delete the quarantined file.
FortiClient organizes quarantined files into the following sections:
- Quarantined Files: files that AntiVirus Protection has quarantined
- Cloud Protection Quarantined Files: files that Cloud Based Malware Protection has quarantined
- Sandbox Quarantined Files: files that Sandbox Detection has quarantined
The following information displays:
Names of the quarantined files.
Dates and time the files were quarantined.
- Select a file from the list to view detailed information about the file and click Details.
Click submit for FortiGuard analysis.
Name of the quarantined file.
Location of the file before scanning.
Date and time the file was quarantined.
Displays Not Submitted when the selected file has not been submitted to FortiGuard for analysis by clicking the Submit button. Displays Submitted after clicking the Submit button.
Status of the file, such as Quarantined.
Name of the detected virus.
Quarantined File Name
Name of the file after it was quarantined.
Log File Location
Location of the log file for the scan.
FortiClient feature that quarantined the file.
Click to close the details dialog.
- Click Close.
FortiClient sends quarantined file information to EMS. If the EMS administrator whitelists the file (in the case of a false positive), EMS sends the whitelist information to FortiClient. After FortiClient receives the whitelist information, it releases the file from quarantine. See the FortiClient EMS Administration Guide for details.