Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to handle files in 'Quarantine' folder ?

Status
Not open for further replies.
urmilla71

urmilla71

IS-IT--Management
May 23, 2002
14
0
0
US


Hello all........

Can someone please tell me how to handle files that have been moved to the quarantine folder ?

One of our users (using XP and VS 7) has about 5 files in this folder and keeps getting messages about it (on access scan ?)............... i tried selecting and deleting but am unable to do so.

What is the correct way to handle these files ?


Thanks much
 
Sort by date Sort by votes
There should be a Quarantine Consol within VirusScan.

Just open it up, and delete them.
 
Upvote 0 Downvote
I had this problem. Disable the virus scan and delete the files. Re-enable virus scan.
 
Upvote 0 Downvote
My 2 cents:

1) Pull ethernet cable
2) Reboot the machine
3) Login to safe mode
4) If AV is on, turn it off.
5) Delete QUARANTINE files manually.
6) Reboot, do not plug in ethernet yet.
7) Login locally, not in safe mode, in normal mode.
8) Scan the ENTIRE machine again. If nothing found, shut down. If something found, go back to step 2.
9) While off, plug in ethernet cable, start machine again.
10) Login to network as normal.

I'm paranoid, this is what I would do.

Carpe diem, procrastination is the thief of time...
 
Upvote 0 Downvote
Exclude the \quarantine folder from being scanned to avoid the files from being scanned again and detected as viruses/worms/other malware.

On-access scan properties >> default, low-risk processes, and/or low-risk processes >> detection >> what not to scan >> exclusions >> add >> browse to the location of your quarantine folder (mine is located at c:\quarantine).

Remember, you've turned off the on-access scan on this folder, so do NOT go double-clicking any of the files in this folder. They were moved there for a reason.

Hope this helps.

gordonp
 
Upvote 0 Downvote

You can aslo schedule a "On-demand Scan" task in ePo for VS7

In the settings for this task, you specified that you only want to scan the c:\quarantine folder.
When it find a virus, choose the option "delete automatically"

Schedule this task every sunday night, one time per week.


Hope this help

P3dr0
 
Upvote 0 Downvote
P3dr0:

Actually, your suggestion is probably a more secure one.

A virus, worm, trojan, or other malware that is intentionally dropped to the \quarantine folder would not be scanned. The file could then be executed without detection.

gordonp
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
140
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
139
Johnkite
Johnkite
AllenH12
  • Locked
  • Question
Bandwidth in Cisco ASA 5505
Replies
2
Views
121
AllenH12
AllenH12
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
116
nnaarrnn
nnaarrnn
Russtoleum
  • Locked
  • Question
Windows client can't connect to sonicwall l2tp server
Replies
0
Views
47
Russtoleum
Russtoleum

Part and Inventory Search

Sponsor

Back
Top