Link to home
Create AccountLog in
Avatar of Kishwaukee

asked on

Antivirus Software Fails to Quarantine Malware

Hello, we have System Center Endpoint Protection for our antivirus product and we get email alerts when the software detects malware on a client.  However we are noticing that occasionally the software "fails" to quarantine some malware.  Below is a sanitized example email reporting the failure.  As an experiment we have tried giving Everyone full permissions on the infected PST file and then running the scan again but it still fails.  We are sure the file is not in use since it is a user who has long since retired.  Any tips on how to make SCEP not fail to quarantine?  Thanks.

Configuration Manager Endpoint Protection has detected malware on one or more computers in your organization

Collection name: All Clients

Malware Name: Worm:Win32/Sober.Z@mm!CME681 Number of infections: 1 Last detection time(UTC time): 3/31/2015 2:07:19 PM

These are the infections of this malware:
1. Computer name: WS1
Domain: Domain.local
Detection time(UTC time): 3/31/2015 2:07:19 PM Malware file path: file:_C:\Users\Administrator.WS1\Desktop\IJones\Email\backup.pst->Message.7701: " [Your IP was logged]" [2005/12/22 23:38:32]: Attachment.9899: ""->File-packed_dataInfo.exe;file:_C:\Users\Administrator.WS1\Desktop\IJones\Email\backup.pst->Message.7737: " [Paris_Hilton_&_Nicole_Richie]" [2005/11/22 02:26:32]: Attachment.9946: ""->File-packed_dataInfo.exe;file:_C:\Users\Administrator.WS1\Desktop\IJones\Email\backup.pst->
Remediation action: Quarantine
Action status: Failed
Avatar of hypercube
Flag of United States of America image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
I propose trying SUPERAntiSpyware, I have the free version download and it was by far more efficient that Microsoft Security Essentials.

Detect and Remove Spyware, Adware and Remove Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers, Parasites, Rootkits, Rogue Security Products and many other types of threats.

Light on System Resources and designed not to slow down your computer like many other anti-spyware products. Designed not to conflict with your existing anti-spyware or anti-virus solution!

Repair broken Internet Connections, Desktops, Registry Editing and more with our unique Repair System!