Restoring Encrypted Files

To prevent infected from being opened, Apex One encrypts the file during the following instances:

  • Before quarantining a file

  • When backing up a file before cleaning it

Apex One provides a tool that decrypts and then restores the file in case you need to retrieve information from it. Apex One can decrypt and restore the following files:

Table 1. Files that Apex One can Decrypt and Restore

File

Description

Quarantined files on the agent endpoint

These files are found in the <Agent installation folder>\SUSPECT\Backup folder and are automatically purged after 7 days. These files are also uploaded to the designated quarantine directory on the Apex One server.

Quarantined files on the designated quarantine directory

By default, this directory is located on the Apex One server computer.

For details, see Quarantine Directory.

Backed up encrypted files

These are the backup of infected files that Apex One was able to clean. These files are found in the <Agent installation folder>\Backup folder. To restore these files, users need to move them to the <Agent installation folder>\SUSPECT\Backup folder.

Apex One only backs up and encrypts files before cleaning if you select Backup files before cleaning by going to Agents > Agent Management and clicking the Settings > Scan Settings > {Scan Type} > Action tab.

Warning:

Restoring an infected file may spread the virus/malware to other files and computers. Before restoring the file, isolate the infected endpoint and move important files on this endpoint to a backup location.