w32/blaster (nachi) - .vir file ownership ?


ifixit
October 4th, 2003, 11:40 PM
Recently I have been part of a virus removal team, specifically for the w32/blaster worm. The primary tool we have been using is McAfee 7.0. Normally it moves the svchost.exe in the winnt\system32\wins folder to c:\quarantine. A simple delete of this file does not work and requires scanning the svchost.exe.vir file and then deleting it using McAfee. Is this an ownership issue? And... is the file still locked into the operating system? I have understood it is recommended to delete this file. Who actually owns/controls this file? Can anyone explain what the effect/significance of the existence of this file in the quarantine folder could be to the OS/network? My understanding of quarantine is that the file is simply being preserved so it can be recovered in the event it has important data. I haven't been able to find any documentation or specifications that say otherwise. I would happily be enlightened.
Thanks!

AnnMarie
October 5th, 2003, 12:31 AM
Hi ifixit - the infection detected is also known as Welchia (http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html). The registry entries have to be removed and the process killed before the file can be deleted, which is what your AV will do when you scan. It can also be done manually (see above link). Once the file is quarantined, it can do no harm, but once the file is confirmed as viral, it is much better to delete it to avoid an accidental restoration. In your case, it is a file created by Welchia and not a Windows file, so deletion is the best option.
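An added triage script, not from this thread, that walks through the checks AnnMarie describes: is a copy still running, which service entries under the registry point at it, who owns the quarantined file, and whether something still holds it open. It assumes the paths named in the posts (%SystemRoot%\system32\wins\svchost.exe and C:\quarantine\svchost.exe.vir) and only reports; it removes nothing.

```powershell
# Added example (not the thread's own procedure). Assumed paths are taken from the posts above.
$sys32       = Join-Path $env:SystemRoot 'system32'
$winsFolder  = Join-Path $sys32 'wins'
$quarantined = 'C:\quarantine\svchost.exe.vir'   # McAfee quarantine path from the original post

# 1. The legitimate svchost.exe lives directly in system32. A file of that name under
#    system32\wins is not a Windows file, which is why deleting it is the right outcome.
$real = Get-Item (Join-Path $sys32 'svchost.exe') -ErrorAction SilentlyContinue
$drop = Get-Item (Join-Path $winsFolder 'svchost.exe') -ErrorAction SilentlyContinue
if ($real) { "Legitimate svchost.exe: $($real.FullName) ($($real.Length) bytes)" }
if ($drop) { "WARNING: svchost.exe still present in the wins folder: $($drop.FullName)" }
else       { "No svchost.exe left in $winsFolder" }

# 2. A running copy keeps the file locked; list any process whose image lives under the wins folder.
$running = Get-Process | Where-Object { $_.Path -and $_.Path -like "$winsFolder\*" } |
    Select-Object Id, ProcessName, Path
if ($running) { "Processes still running from the wins folder:"; $running | Format-Table -AutoSize }
else          { "No process is running from $winsFolder" }

# 3. The registry entries that restart it on boot are service definitions; report services
#    whose image path references the wins folder rather than hard-coding any name.
$services = Get-CimInstance Win32_Service | Where-Object { $_.PathName -like "*\wins\*" } |
    Select-Object Name, DisplayName, State, StartMode, PathName
if ($services) { "Services pointing into the wins folder:"; $services | Format-Table -AutoSize }
else           { "No service image path references $winsFolder" }

# 4. Ownership and lock state of the quarantined copy (the two questions in the original post).
if (Test-Path $quarantined) {
    "Owner of ${quarantined}: $((Get-Acl $quarantined).Owner)"
    try {
        # Opening with FileShare.None fails if any other process still has the file open.
        $fs = [System.IO.File]::Open($quarantined, 'Open', 'Read', 'None')
        $fs.Close()
        "$quarantined is not held open by another process"
    } catch [System.IO.IOException] {
        "$quarantined is still held open by another process"
    }
} else {
    "$quarantined not found"
}
```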