Thus, the best bet is to make a copy of the items in the quarantine directory, writing them to a USB token that...
has no other legitimate use (make sure it's not one of those auto-executing U3 USB devices). Then, clear out the quarantine folder. Keep in mind that it could take weeks for a user to know if the items that were quarantined were useful for an application on the machine. A problem would only manifest itself when a legit app requires an esoteric DLL or even an EXE that has been deleted. Thus, hold onto the contents of the USB token for a about a month before finally deleting it thoroughly. This process, although cumbersome, is the safest way to empty a quarantine folder.
Related Q&A from Ed Skoudis, Contributor
At Black Hat 2006, researcher Joanna Rutkowska unveiled a piece of machine-based malware called the Blue Pill. But is it a serious threat to your ...continue reading
Wi-Fi on airplanes seems like it will be unavoidable in the future, but what security risks does it pose? In this security threats expert response, ...continue reading
There are some rare forms of malware that antivirus software doesn't pick up on, but there are some good tools to remove all sorts of malware.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.