Determining how to handle quarantined files

Applies To: Forefront Client Security

You can control whether Client Security deletes files that it quarantines. If you choose to delete quarantined files, you can set the number of days that a Client Security agent waits to delete files that it quarantines.

By default, a new Client Security policy does not enforce deletion of quarantined files.

To enable deletion of quarantined files

1. In the Client Security console, create or edit a policy. For details about how to create or edit a policy, see Creating, editing, copying, and deleting policies.

2. In the New Policy or Edit Policy dialog box, click the Advanced tab.

3. Under Malware scan options, select the Delete quarantined files check box.

4. In the Delete after box, type the number of days that a Client Security agent should wait to delete a quarantined file. The maximum wait is 100 days.

5. After you finish creating or editing the policy, click OK.

6. To apply the policy to client computers, you must deploy the policy. For information about deploying a policy, see Deploying and undeploying policies.

To disable deletion of quarantined files

1. In the Client Security console, create or edit a policy. For details about how to create or edit a policy, see Creating, editing, copying, and deleting policies.

2. In the New Policy or Edit Policy dialog box, click the Advanced tab.

3. Under Malware scan options, clear the Delete quarantined files check box.

4. After you finish creating or editing the policy, click OK.

5. To apply the policy to client computers, you must deploy the policy. For information about deploying a policy, see Deploying and undeploying policies.