IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [quarantine]

Quarantine is a functionality in antivirus programs intended to render malware files harmless.

Quarantine is a function of antivirus software that isolates infected files on a computer's hard disk. Files put in quarantine are no longer capable of infecting their hosting system.

source Wikipedia:

18 questions
40
votes
6 answers

Can malware be dangerous even when quarantined?

I am reading a book on network security and when talking about user confusion it writes: "It is not uncommon for a user to be asked security questions such as Is it safe to quarantine this attachment? With little or no direction, users are…
Peter Horniak
  • 503
  • 1
  • 4
  • 5
20
votes
2 answers

How to remove quarantined virus securely?

There is a file found by antivirus program and it was put into the virus' quarantine section (its not a false positive). Now I don't know how to handle this "quarantined" files. What is the best practice and secure way to deal with them? Delete…
johnsmiththelird
  • 483
  • 7
  • 16
17
votes
4 answers

How AV software makes sure quarantined files never get executed?

This Super User question made me ask, is it really a good idea to keep files in quarantine, when you don't know what they are yet? For what I know there are more or less 2 steps that need to be performed for "losing control" of your system. First…
Zaibis
  • 701
  • 1
  • 4
  • 16
4
votes
2 answers

MalwareBytes Quarantine

MalwareBytes has the ability to quarantine or to quote MB: At that time, they were removed from the disk location where they were stored, placed in quarantine, and modified so that they could not pose a threat to your computer. What exactly…
user180262
4
votes
1 answer

What is quarantine?

What do antiviruses actually do when quarantining a malicious threat? Does it compress the file using some algorithm, does it just change the extension of the file, or does it just move the file to a safer location?
user105127
  • 43
  • 4
3
votes
1 answer

How can I improve my sheep dipping process?

Problem: The hiring department occasionally sends me Word documents asking to clear the file as "safe" to open and review for purposes like resumes etc.; they can come from anywhere and are often unsolicited job applications. Based on the cornucopia…
PlasticCasio
  • 93
  • 7
2
votes
3 answers

Quarantine or add exclusion for malicious items?

I am having so many problems with my laptop. I have 8 malicious items detected and 4445 non malware items detected. Is it better to quarantine or add exclusion? I am not sure what add exclusion means.
Elaine
  • 21
  • 1
  • 2
2
votes
2 answers

Antivirus settings: delete or quarantine the file?

I understand that most antiviruses by default quarantine infected files. I have changed it to remove all infected files immediately. Would this cause more harm than good?
Jay
  • 535
  • 5
  • 12
2
votes
1 answer

As a Software Industry Editor, how to avoid my software being quarantined?

I'm a well established software company. For more than 30 years, my business has been delivering both hardware and software. My Windows software is being quarantined by some of my customer's antivirus. How I handle it, up to now, is that I have been…
SCO
  • 121
  • 2
1
vote
2 answers

Bypassing Windows Defender VBA custom code

I've recently written a simple keylogger using classic DLL-injection technique. I wanted to simulate a real phishing attack where the user opens an Office document with macros and by enabling them he downloads and runs my keylogger. While the…
Rob D
  • 31
  • 5
1
vote
1 answer

Moving Infected Files to Trash versus Quarantining them

When you run an AntiVirus, typically they give you the option of quarantining the infected files. I remember when I was a kid I would move them to the trash bin instead. My question is, which method - quarantining infected files or moving to trash -…
Craig Fox
  • 81
  • 1
  • 2
0
votes
1 answer

Security Tools - File Encryption vs Corruption

When security tools quarantine files, why do they tend to use encryption, rather than simple file corruption? The main goal of quarantining a file is to make it impossible to run on a system. This particular goal is easily accomplishable by simple…
pepperoni
  • 1
  • 1
0
votes
0 answers

Is quarantine threats absolutely necessary? Every time I do, all my Chrome tabs crash

I have been talking backwards and forwards with a MalwareByte support, because every time I run 'quarantine threats' all my Chrome tabs crash. This guy keeps asking me to switch Google sync off, and then resetting it, except that there is no reset…
Pépe Pepito Pepón
  • 1
0
votes
2 answers

Python Antivirus comparing hashes

I'm writing an antivirus in python mostly to learn and for research purposes, I do understand it would be more efficient to do this in something like C and eventually I will port this over. So far I have coded the first part of the AV that will…
W0z
  • 1
0
votes
0 answers

Unknown process attempted to execute code

This morning I booted up my computer and not long afterward, got a notification from ByteFence (unsubscribed) that an unknown process attempted to execute a command that was deemed unwanted. ByteFence gives me the option to ignore the "threat" and…
Darin Beaudreau
  • 191
  • 1
  • 5
1
2