@import "/themes/withsecure/design/coveo/CoveoFullSearch.min.css"; @import "/themes/withsecure/design/headerfooter.css"; header .container, .top-header {display:flex; width: 100%;padding: 0;flex-direction: row;justify-content: space-between;} a#searchboxtoggle[data-toggle="collapse"] #displaysearch:before {content: "\f220";font-family: fsg-icon;font-size: 26px;color: #red;font-style:normal} a#searchboxtoggle[data-toggle="expand"] #displaysearch:before {content: "\f130";font-family: fsg-icon;font-size: 26px;color: #fff;font-style:normal} .header-searchbox {position: absolute;margin: 0;z-index: 30;width: 0;overflow: hidden;right: 30px;height: 53px; transition: .6s ease-in-out;} @media screen and (max-width: 370px){ .header-searchbox.expand {width: 300px;} } @media screen and (min-width:371px) and (max-width: 700px){ .header-searchbox.expand {width: 450px;} } @media screen and (min-width:701px) and (max-width: 991px){ .header-searchbox.expand {width: 450px;} } @media screen and (max-width: 991px){ a.Header-logo svg {margin-top:8px} .header-coveosearch { margin:auto;width: 60px;position: absolute;right: 0;height: 64px;} .header-searchbox {width: 0;overflow:hidden} .header-searchcontainer {position:absolute;margin:auto;top: 0;width: 60px;height: 62px;text-align: center;} .header-searchcontainer {padding-top: 6px;} .header-searchbox {position: absolute;margin: 0;z-index: 30;width: 0;overflow: hidden;right: 60px;top:0;height: 63px;} .bottom-header.display {width:100%} .searchPage .Hamburger {right:9px!important;left:unset!important} .searchPage .Hamburger-border {right:0!important;} } @media screen and (min-width: 992px){ header .row:nth-child(1) {position:absolute; top:0;height:52px} .bottom-header {margin-top:60px} .header-top-links {margin-left:auto} .header-searchcontainer {float:unset; margin:unset} .header-coveosearch {margin-top:8px;margin-right:30px;width: 10px;} .header-searchbox {top: -9px;} .header-searchbox.expand {width: 500px; min-height:200px} .searchboxtoggle {margin-top:0} .searchboxtoggle:hover {cursor:pointer} .searchboxtoggle:hover #displaysearch:before, .header-searchcontainer.expand .searchboxtoggle:hover #displaysearch:before {color: #c6ceff} .helpforum-dropdown:hover, .supportarticles-dropdown:hover {cursor: default;} .helpforum-dropdown a:hover {cursor: pointer;} .helpforum-dropdown a, .supportarticles-dropdown p {width: fit-content} .header-top-link.active::after, .header-top-link:hover::after {top:-5px} .helpforum-dropdown.active::after, .supportarticles-dropdown.active::after, .dropdowns > li:hover::after {top:7px} } @media screen and (min-width: 992px) and (orientation:landscape) { .top-header {width:98%;} } .btn { min-width: 100px; } .btn-inverse { color: #fff; border-color: #fff; background-color: #00000000; border-width: 1px; } .btn { display: inline-block; margin-bottom: 0; font-weight: 600; text-align: center; vertical-align: middle; touch-action: manipulation; cursor: pointer; background-image: none; border: 1px #00000000; line-height: .71; border-radius: 4px; -webkit-user-select: none; -moz-user-select: none; -ms-user-select: none; user-select: none; font-size: 14px; padding: 14px 15px; min-width: 114px; text-decoration: none; } .btn-lg, .btn { -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; } .btn { text-rendering: optimizeLegibility; -ms-font-feature-settings: "liga" 1,"kern" 1; font-feature-settings: "liga" 1,"kern" 1; font-variant-ligatures: normal; font-kerning: normal; } a { text-decoration: underline; } .cmp_footer { font-family: Archivo-Light; color: #bec3c8; font-size: 14px; font-weight: 300; line-height: 1.6em; letter-spacing: .03em; background-color: #001423; color: #fff; padding: 3em 0 2em 0; text-align: center; } @media (min-width: 992px) .cmp_footer__newsletter { grid-area: newsletter; margin-top: 2.5em; } .cmp_footer { font-family: Archivo; color: #bec3c8; font-size: 14px; font-weight: 300; line-height: 1.6em; letter-spacing: .03em; background-color: #001423; color: #fff; padding: 3em 0 2em 0; text-align: center; } .btn.btn-inverse.btn-outline { border: 1px solid #fff; }

Community

Troubleshooting Common topics

How to collect quarantined files using Quarantine Dumper Tool

Issue:

How to collect the quarantined files on an affected Windows machine using WithSecure Quarantine Dumper, and then submit the files for analysis.

Resolution:

Collect quarantined files using F-Secure/WithSecure Quarantine Dumper by following the instructions below:

Click on this link to download F-Secure Quarantine Dumper to a location of your choice, for example, c:\temp.
Launch Command Prompt (CMD).
Navigate the directory to the location you selected in step 1. For example, type cd c:\temp\ and press Enter on your keyboard to go to c:\temp\ folder.
Type fsdumpqrt.exe -d c:\temp\ to run the tool.
Enter your administrator credentials when prompted. F-Secure license terms are now shown.
Scroll all the way to the end of the license terms before you can accept them.
Press E on your keyboard to accept the license terms.
Press any key to complete the run. The quarantined files will be collected in a file named malware_samples.zip with the default password (infected) in the location you specified in step 1.

These are the parameters that can be used in the tool:

-d, --destination: Destination directory for output (default: current admin desktop)
-p, --password: Password for output (default: "infected")
-v, --verbose: Verbose output
-a, --accept-eula: Accept EULA
-s, --silent: Silent mode
-l, --list: Only list contents, nothing is written to disk

Tip: Running the fsdumpqrt.exe tool in command prompt without additional command line parameters will print out a short tool description and the extra parameters for using the tool.

Article no: 000002484