This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to get rid of a quarantined item when the only available Action is "Authorize"?

My Sophos has isolated an "AdWare or PUA" in quarantine, but I can't get rid of it. The only available "Action" is to "Authorize" this. It's filename is "Toggle Download Manager" and under the "Details" it's just listed as "Other".
I tracked the file to it's root file and deleted that, but I can't seem to get it out the quarantine except (maybe) by using the "Clear".
Don't know if I should do that.
If I run another scan, it pops up again.
What should I do?



This thread was automatically locked due to age.
  • Hello Gary Waldron,

    filename is
    if you are referring to the Name column in the Quarantine Manager this is the "threat's" name, not a filename. Details represents the Type in the analysis (see here for Toggle Download Manager). AFAIK the Other signifies the Unspecified PUA, other common types are Adware and Hacking Tool. There should be a [more...] link in the Details column that opens a list of the files associated with the detection. Files and actions are also logged in the Anti-Virus log.

    If Cleanup is not available you have to manually remove it. This is commonly the case when the PUA is an installed program. Please see this How to remove ... article for details. Clear removes the item from the list, it has no other consequences. And if you manually removed the PUA you have to use clear to get it off the QM list.

    it pops up again
    and the file you deleted is again there? Either you did not properly remove the PUA (as per the article) or there's an undetected component that "reinstalls" it.

    Christian