I don’t know if this is on the CIS roadmap, but it’s perplexing why it has not been implemented yet. It’s known that once a virus is in quarantine, it can’t be accessed, and when it’s ignored, it’s added to the trusted file list.
There has to be a solution to the problem.
Ok, it seems that an infected file can still be sent to virus total by unchecking the option “do not show antivirus alerts” in the antivirus settings, then when the sandbox setting is set to Untrusted, when the virus is accessed, choose to add it to the exclusions when the antivirus alert pops up, then upload it manually.
Keep the sandbox level at Untrusted or Blocked. I was certain that this did not work with the previous version. Perhaps it was added to 5.8, either way it’s good that you can add the file to the exclusion list without it being added to the trusted file list.
This would be very helpful. A right click upload to… option would be best placed in the active process list, unrecognized files and quarantine.