Kishwaukee
 asked on

Antivirus Software Fails to Quarantine Malware

Hello, we have System Center Endpoint Protection for our antivirus product and we get email alerts when the software detects malware on a client. However, we are noticing that occasionally the software "fails" to quarantine some malware. Below is a sanitized example email reporting the failure. As an experiment we have tried giving Everyone full permissions on the infected PST file and then running the scan again but it still fails. We are sure the file is not in use since it is a user who has long since retired. Any tips on how to make SCEP not fail to quarantine? Thanks.

Configuration Manager Endpoint Protection has detected malware on one or more computers in your organization

Collection name: All Clients

Malware Name: Worm:Win32/Sober.Z@mm!CME681
Number of infections: 1
Last detection time(UTC time): 3/31/2015 2:07:19 PM

These are the infections of this malware:
1. Computer name: WS1
Domain: Domain.local
Detection time(UTC time): 3/31/2015 2:07:19 PM
Malware file path: file:_C:\Users\Administrator.WS1\Desktop\IJones\Email\backup.pst->Message.7701: "Department@fbi.gov [Your IP was logged]" [2005/12/22 23:38:32]: Attachment.9899: "list.zip"->File-packed_dataInfo.exe;file:_C:\Users\Administrator.WS1\Desktop\IJones\Email\backup.pst->Message.7737: "info@nwurce.com [Paris_Hilton_&_Nicole_Richie]" [2005/11/22 02:26:32]: Attachment.9946: "downloadm.zip"->File-packed_dataInfo.exe;file:_C:\Users\Administrator.WS1\Desktop\IJones\Email\backup.pst->
Remediation action: Quarantine
Action status: Failed

Last Comment
Judit Camacho Díaz

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
hypercube

Judit Camacho Díaz

I propose trying SUPERAntiSpyware. I have the free version downloaded, and it was by far more efficient than Microsoft Security Essentials.

http://www.superantispyware.com/

Detect and Remove Spyware, Adware and Remove Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers, Parasites, Rootkits, Rogue Security Products and many other types of threats.

Light on System Resources and designed not to slow down your computer like many other anti-spyware products. Designed not to conflict with your existing anti-spyware or anti-virus solution!

Repair broken Internet Connections, Desktops, Registry Editing and more with our unique Repair System!