Hello,
As stated above, when a SEP quarantine files by default policy it scans those files to repair those files.
If the new definitions include repairs for quarantined files, Symantec Endpoint Protection repairs the files. The client also restores the files to their previous location without notifying the user.
Automatically repair and restore files in Quarantine silently is the default policy.
- Login SEPM,
- Click on Policies
- Go into the Virus and Spyware Protection Policy
- Select Quarantine
- For the setting When New Virus Definitions Arrive select to Automatically repair and restore files in Quarantine silently.
However, lot of administrators disable the policy by changing it to "Do Nothing".
In such cases, it becomes important to scan the machines with the Latest Rapid Release Definitions which may assist them to repair those files.
The following articles contain a lot of good advice:
Best practices for troubleshooting viruses on a network
http://www.symantec.com/docs/TECH122466
Symantec Endpoint Protection – Best Practices: Stopping Malware and other Threats.
http://www.symantec.com/theme.jsp?themeid=stopping_malware
Hope that helps!!