Ask the Expert

What is the safest way to handle quarantined adware?

Once I quarantine adware like Starware Toolbar, what do I do with it? Can I destroy it from the quarantine folder? What is the safest way to handle quarantined adware?

    Requires Free Membership to View

Generally speaking, it's usually safe to delete the items in a quarantine folder. But, notice those weasel words in the previous sentence: "Generally speaking" and "usually." In other words, users have to be careful. Quarantine folders exist primarily because antimalware products sometimes issue false positives; accidentally classifying a legitimate program -- or even a part of the operating system -- as malware. If the antimalware tool were to outright delete the given file, it could break the app or render the whole machine inoperable. This happens on a periodic basis, with numerous examples of an antivirus tool detecting a piece of Windows as malware, resulting in major problems.

Thus, the best bet is to make a copy of the items in the quarantine directory, writing them to a USB token that has no other legitimate use (make sure it's not one of those auto-executing U3 USB devices). Then, clear out the quarantine folder. Keep in mind that it could take weeks for a user to know if the items that were quarantined were useful for an application on the machine. A problem would only manifest itself when a legit app requires an esoteric DLL or even an EXE that has been deleted. Thus, hold onto the contents of the USB token for a about a month before finally deleting it thoroughly. This process, although cumbersome, is the safest way to empty a quarantine folder.

More information:

This was first published in February 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: