Collecting quarantined files manually when the Quarantine Dumper tool fails
Symptoms
The 'malware_samples.zip' file produced by the Quarantine Dumper tool (fsdumpqrt.exe) does not contain any sample files.
Diagnosis
Variations in the operating system environment may cause the Quarantine Dumper tool to fail to collect the quarantined files.
Solution
- Open Windows File Explorer, and go to C:\ProgramData\F-Secure\Quarantine\Repository. Enter your administrator credentials when asked.
- Right-click on the TAR folder, and select Properties.
- Go to the Security tab, and click Edit.
- Click Add....
- Type in 'Everyone' in the 'Enter the object names to select' field, and click OK.
- Select Everyone from the 'Group or user names' list, and under 'Permissions for Everyone', check the Allow Full control box.
- Create a password-protected archive of the following folder with the password 'infected'.
- Submit the zip file (archive) to our analysts.
- Important: Return to TAR folder > Properties > Security tab > Edit, and remove Everyone from the list.
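
The final step is the one that is easiest to forget, and it leaves live malware samples readable and writable by every account on the machine. The following PowerShell check is an added example (not part of the original article and not an F-Secure tool) that confirms the explicit Everyone entry is gone from the TAR folder and removes it if it is still present. It assumes an elevated PowerShell prompt and the TAR folder location given in the steps above.

```powershell
# Added example: verify that the temporary Everyone entry was removed from the TAR folder.
# Assumption: run from an elevated (administrator) PowerShell prompt.
$tar = 'C:\ProgramData\F-Secure\Quarantine\Repository\TAR'

# Well-known SID for Everyone (S-1-1-0); avoids depending on the localized group name.
$everyone = New-Object System.Security.Principal.SecurityIdentifier('S-1-1-0')

$acl = Get-Acl -LiteralPath $tar

# Explicit (non-inherited) entries are the ones added through the Security > Edit dialog.
# Arguments: include explicit rules, exclude inherited rules, return identities as SIDs.
$rules = $acl.GetAccessRules($true, $false, [System.Security.Principal.SecurityIdentifier])
$leftover = @($rules | Where-Object { $_.IdentityReference.Value -eq $everyone.Value })

if ($leftover.Count -eq 0) {
    Write-Output "OK: no explicit Everyone entry on $tar"
}
else {
    foreach ($rule in $leftover) {
        Write-Output "Found: Everyone $($rule.AccessControlType) $($rule.FileSystemRights)"
    }

    # Drop every explicit entry for Everyone and write the ACL back to the folder.
    $acl.PurgeAccessRules($everyone)
    Set-Acl -LiteralPath $tar -AclObject $acl

    # Re-read the ACL to confirm the change took effect.
    $check = (Get-Acl -LiteralPath $tar).GetAccessRules(
        $true, $false, [System.Security.Principal.SecurityIdentifier])
    $still = @($check | Where-Object { $_.IdentityReference.Value -eq $everyone.Value })

    if ($still.Count -eq 0) {
        Write-Output "Removed $($leftover.Count) explicit Everyone entry/entries from $tar"
    }
    else {
        Write-Error "Everyone is still present on $tar; remove it through the Security tab."
    }
}
```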