![]() ![]() SEP quarantine files are located in C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Quarantine. If you find any mistakes or know what some of the structures are, please let me know and I will update them.įolder structure makes a difference in what is contained in the vbn file. There is still quit a bit that is unknown. The file format for version 1 can be found here. I would like to give a special thank you to for getting me some older samples to work with. Version 1 of the format was used up to SEP 11. The vbn file structure has undergone two revisions, from what I can tell. It all depends on where they are in the quarantine folder structure. Some contain the quarantined files, while others do not. What I ended up finding out is that there is a lot of information contained inside vbn files. I decided to dig a little deeper into the vbn format because it is not documented well. ![]() My goal originally, was to improve the way DeXRAYextracted files from Symantec Endpoint Protection (SEP) vbn quarantine files. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |