Where is quarantine in Windows Defender 10 - ways to remove a file from it

Every personal computer or laptop must have a built-in personal data protection system. Typically, confidentiality is violated due to various malicious programs entering the device’s memory: viruses, worms, Trojan horses, etc. Standard Windows tools help to instantly recognize and neutralize them. Objects suspected of being threats are neutralized and placed in a special place, from where they cannot be launched and harm the computer. It is necessary to take a closer look at where quarantine is in Windows Defender 10 and why files end up in it at all.

How to access the security log?

Viewing the security log

1. Open Event Viewer.
2. In the console tree, go to Windows Logs and click Security. The results pane lists individual security events.
3. If you want to see more information about a specific event, click it in the results pane.

19 Apr
2022 Interesting materials:

Is it possible to delete from Android Hangouts? Is it possible to delete the VK cache? Is it possible to delete the messenger? Is it possible to delete mts services? Is it possible to delete a sent photo on WhatsApp? Is it possible to delete a sent letter in Yandex mail? Is it possible to delete sent VKontakte messages? Is it possible to delete an email from a Gmail recipient? Is it possible to delete Yandex mail? Is it possible to remove Program Files 86?

Restoring files from quarantine

The software works in automatic mode, so all malicious programs will be automatically quarantined. This approach allows you to accurately and quickly identify malicious applications. To restore files from quarantine, you need to do the following:

• Go to “Security Center”, then click on “Protection against viruses and threats”.

• In the new window, select the “Threat Log” item. Here is complete information about the programs that were quarantined.

• Suspicious files can be removed and deleted permanently or, conversely, retrieved and restored.

You can retrieve any previously blocked files from the Threat Log.

Actions with storage

From the Avasta file storage, virus programs are not able to affect the PC system, but they cannot be launched. In order to run a specific program whose files have been quarantined, you need to find it in the storage and pull it out from there:

1. Hover your mouse cursor over the desired item in the provided list of files blocked by Avast.
2. Left-click on the ellipsis icon (“More”).
3. Select the “Restore” option from this list, which will return the file to its original location.

After this, the file will be restored to the directory from which it was originally quarantined along with viruses.

Function for restoring quarantined files

Remember that next to the ellipses there is another icon - a trash can. It starts deleting the file (permanently). If viruses have been quarantined, then it is better to remove them. But with necessary and important files that have been identified as dangerous by mistake, you should be careful not to delete them completely.

File recovery

If the user is sure that the files are safe and were deleted by the antivirus by mistake, then they can be restored. To do this you need:

1. Open the antivirus menu by right-clicking on the program shortcut.
2. Select “Quarantine” there, after which a list of all files that have been moved to this storage will be displayed.
3. Select the desired file and right-click on it.
4. In the list that opens, select “Restore”.

This will allow, just as in the previous case, to simply restore the file in the same directory where it was originally before being quarantined.

Uploading files to Avast Threat Intelligence Lab

In order to send files to the threat analysis laboratory, you need to scan for viruses. This function is launched through the “Send for analysis” menu item. This menu item is launched in the same way as recovery, through the “Protection” and “Virus Storage” items, only it will be the third in the pop-up menu after clicking on the desired file with the left mouse button.

This function allows you to check and further analyze the file to determine how dangerous it is and whether it needs to be deleted or whether it can be used. Next, you just need to select “Possibly malware,” and then click the “Submit” button. This way the user will very quickly receive an answer about what kind of file it is and how dangerous it really is.

Deleting files

It is also possible to delete files through the virus storage, where Avast antivirus collects all potential threats. This is an important function, and if the file turns out to be truly malicious and dangerous for your software, then you should not risk restoring it. Moreover, you shouldn’t run it.

Accordingly, you can delete a potentially dangerous file without restoring it or running it. To do this you need:

1. Login to file storage.
2. Go to the list of blocked files.
3. Select the desired file, left-click on it and select the delete function.

This way, the file will be permanently deleted from your hard drive, and this will protect your computer from virus programs and dangerous files.
After such deletion, the file cannot be restored in any way. In order to make sure whether a file is really dangerous, you need to check it as described above by sending it for analysis. Well, or simply delete it without checking if the user is sure that he simply does not need it.

About Avast Virus Vault

If the Avast antivirus program detects suspicious files or infected objects, it simply places them in storage or deletes them automatically. If the file has been deleted, it will be difficult to recover it. But it is possible to lift a file from quarantine, since this means that the program simply blocked its operation due to a potential threat to the user’s PC and personal data.

Notification about the presence of a potential threat in the antivirus

Do I need a third-party antivirus if I have Windows 10?

This question arises for almost all users and is quite reasonable. Windows Defender is a reliable built-in antivirus distributed by Microsoft completely free of charge and, moreover, is often updated along with the operating system. In this case, there is practically no need for built-in software - it is a matter of taste.

However, if you do not receive timely updates, it is worth keeping in mind the fact that every day more and more malware appears that the old version of the antivirus simply cannot resist. In this case, we strongly recommend installing third-party software to provide your computer with the highest level of security.

We hope the article was useful to you and helped you find answers to your questions!

How to configure, enable or disable built-in protection?

In the built-in protection settings, the user will be able to disable , enable , or configure Windows Defender to suit their needs.

Important! We strongly do not recommend disabling system protection for a long period. This should only be done before installing third-party antivirus programs to avoid conflicts between the two protection systems.

To get to the manual control menu for built-in Windows protection, you must:

Step 1. Right- on “Start” and in the window that opens, select “Settings” .

Step 2. In the settings menu that opens, go to “Update and Security” .

Step 3. In the next window, select “Windows Security” and click on the button “Open the Windows Defender Security service” .

Step 4. In the Defender Security Center, go to the lower left corner of the window and click on the gear, then click on the “Manage Vendors” .

Recover deleted file

Once you resolve the file on your system, you can restore it. A recovery application is required and you can use any application of your choice, but for a quick and free solution, use the Windows File Recovery application.

1. Install the Windows File Recovery app from the Microsoft Store.
2. Open a command prompt with administrator rights.
3. After changing the paths, run the following command.
   The original disk should be replaced with the disk from which the file was deleted.
4. The destination folder should be replaced with the folder in which the recovered file should be saved, and MUST NOT be on the same drive you are restoring the file from.
5. .file-extension should be replaced with the actual extension of the file you are trying to recover.
6. Don't edit '/n'.

winfr source-drive: destination-folder /n *.file-extension
Example

winfr C: "D:\Recovered File" /n *.docx

1. Press the "y" key when the application asks for confirmation.
2. After running the command, open the destination folder in Explorer and the file should be there.

Why are files quarantined in Windows 10?

Before you figure out where quarantine is located in Windows 10 Defender, you need to understand why files are sent to it. Typically, the data area in question serves to store neutralized virus programs to prevent their further spread. This zone blocks background activity of programs and prevents them from interacting in any way with important system components of the Windows 10 operating system.

How to mount an ISO image in Windows 10 - ways to open the file

Typically, the defender immediately recognizes the virus from its online databases and moves it to the quarantine zone, but this also happens with harmless files. An example is a program that the user downloaded from an unknown resource or wrote and compiled himself. Such applications often do not have any digital signatures and are considered malicious.

Note! Harmless applications that make any changes to OS files to speed up its operation or optimize file storage, etc. may be blocked.

Search for a defender in System Settings

Protect files from deletion

To prevent the built-in antivirus from moving the files you need to quarantine, you need to add them to exceptions or pause protection. To add a file to exceptions, you must:

• Go to Defender and then go to Settings and open Manage Settings.

• Next, select Add or Remove Exceptions.

The second method involves disabling the built-in protection system and can lead to negative consequences. But if the user is still aware of this fact, then you can turn off the antivirus as follows:

• You can manually disable protection by going to the antivirus and selecting “Manage settings”, then changing the status from “On.” to "Off".

• Download the registry file, open it and accept the changes by clicking “Yes”.

This method will stop the Win Defender service, stop the daily operation of the antivirus, turn off cloud protection, and disable controlled access to folders.

Quarantine management

There is not always time to get rid of potential threats manually. Automatic deletion was also provided, but it is important to specify the correct time. It should be enough for the user to study the entire list of possible viruses. Otherwise, it runs the risk of automatically deleting important files that are not malware, but are quarantined by mistake.

1. First, you need to press the key combination “Win” and “R”, thereby bringing up the “Run” window. In the search line you need to enter the command “gpedit.msc”, and then press the “Enter” key. This action will open the Group Policy Editor.

   
   Loading the “Group Policy Editor”

2. In the left column you need to find the “Computer Configuration” folder, which consists of many other folders. In this case, you will need “Administrative Templates”; after finding it, you need to go to “Windows Components”. There, the user can easily find the desired “Anti-virus program” folder, which contains the final “Quarantine” section.

   
   We follow the indicated path

3. By clicking on it, the “Status” section will appear on the right side. You will need to click on the second item.

   
   Click on the second item

4. A window will immediately appear where you can configure the necessary parameters. First of all, you need to click on the “Enabled” indicator and check the box next to it. In the “Settings” block, you can set the number of days after which malicious applications will be removed from quarantine. You can set the time at your discretion, then click on “Ok” and then on “Apply”.

   
   Set the necessary parameters

These actions are enough for the defender to remove all viruses on its own. If the user puts the indicator “0” in that column, then the system will delete it instantly, immediately after detecting suspicious files.

This indicator can be changed at any time by clicking on “Not set” in the upper left corner.

What is Windows Defender Quarantine 10

Windows 10 Defender is a special program that comes bundled with the operating system and is pre-installed. Thanks to regular updates to Microsoft databases, the OS is always protected by its own antivirus, unless it is turned off, of course.

Windows 10 Defender Window

Any modern antivirus product has a file storage area called quarantine. This is the place where files of any extensions that seem suspicious or malicious to the defender end up. From there, they will not be able to interact in any way with system resources and change important configurations of a personal computer or laptop running OS Windows.

For your information! Windows 10 antivirus quarantine is an extremely necessary thing for neutralizing virus files and Trojan horses.

Folder with quarantine files

Why do you need a defender?

“Quarantine” is just a separate section of the “defender”; it is important to understand what this program is and whether it is needed at all. As already mentioned, this antivirus protects the user’s computer from malicious files. Moreover, he is able to cope with spyware. It was developed for both Windows XP and Windows 7, but had a different name. It appeared in its usual form with the update to Windows 8, when the developers included it in the standard set.

The note! It took a little time to add the function of time selection, express scanning, etc., so this program will certainly be useful for the user.

How to clear Windows 10 security history?

Clear security log in Event Viewer

1. In the search bar or Run menu ( Win
   +R), type eventvwr and press Enter.
2. Go to “ Logs
   ” => “
   Microsoft
   ” => “
   Windows
   ” => “
   Windows
   Defender” => “Operational” => click on “
   Clear Log
   ”.
3. Click on “ Clear
   ”.