Thus, the best bet is to make a copy of the items in the quarantine directory, writing them to a USB token that has no other legitimate use (make sure it's not one of those auto-executing U3 USB devices). Then, clear out the quarantine folder. Keep in mind that it could take weeks for a user to know if the items that were quarantined were useful for an application on the machine. A problem would only manifest itself when a legit app requires an esoteric DLL or even an EXE that has been deleted. Thus, hold onto the contents of the USB token for about a month before finally deleting them thoroughly. This process, although cumbersome, is the safest way to empty a quarantine folder.
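The procedure above, sketched as an added example (not part of the original answer): each file is copied to the token, the copy is checked against the original by SHA-256, and the quarantine folder is cleared only if every copy matches. It assumes the quarantine folder holds ordinary copyable files; the `.quarantined` suffix, the `MANIFEST.json` name, the batch folder layout and the 30-day figure standing in for "about a month" are choices made for this sketch.

```python
import hashlib, json, shutil, tempfile, time
from pathlib import Path

RETENTION_SECONDS = 30 * 86400  # assumption: "about a month" taken as 30 days

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def archive_quarantine(quarantine, token_root, now=None):
    """Copy quarantined files to the token, verify each copy, then clear the folder."""
    now = time.time() if now is None else now
    quarantine, token_root = Path(quarantine), Path(token_root)
    batch = token_root / time.strftime("batch-%Y%m%dT%H%M%SZ", time.gmtime(now))
    batch.mkdir(parents=True)
    sources, entries = [], []
    for src in sorted(p for p in quarantine.rglob("*") if p.is_file()):
        rel = src.relative_to(quarantine)
        # Extra suffix so nothing on the token keeps a runnable .exe/.dll name.
        dst = batch / rel.parent / (rel.name + ".quarantined")
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.copyfile(src, dst)
        digest = sha256_of(src)
        if sha256_of(dst) != digest:
            raise IOError(f"copy of {rel} does not match; quarantine left untouched")
        sources.append(src)
        entries.append({"original": rel.as_posix(), "sha256": digest})
    manifest = {"archived_at": now, "purge_after": now + RETENTION_SECONDS, "files": entries}
    (batch / "MANIFEST.json").write_text(json.dumps(manifest, indent=2))
    for src in sources:  # reached only if every copy verified
        src.unlink()
    return batch

def due_for_purge(batch, now=None):
    """True once the holding period recorded in the batch manifest has passed."""
    now = time.time() if now is None else now
    manifest = json.loads((Path(batch) / "MANIFEST.json").read_text())
    return now >= manifest["purge_after"]

if __name__ == "__main__":
    # Constructed sample data: a harmless stand-in for a quarantined file.
    with tempfile.TemporaryDirectory() as tmp:
        q, usb = Path(tmp, "quarantine"), Path(tmp, "token")
        q.mkdir()
        (q / "helper.dll").write_bytes(b"constructed sample, not malware")
        batch = archive_quarantine(q, usb)
        print(batch.name, "purge due now?", due_for_purge(batch))
```

The manifest keeps each item's original relative path, so a file that turns out to be needed during the holding period can be traced back to where it came from.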