Defense+ event (CIS quarantine folder)

I’m running CIS v5.4.189822.1355 w/all available updates installed.

I just noticed there’s an event:

Program Files\Comodo Internet Security\Quarantine\Temp\CAV7e.tmp (Scanned on-line and found safe)

There is nothing listed in AV events. There is nothing listed in AV quarantined items list. Stateful scanning is enabled. No scans are scheduled.

I’m unable to navigate to that folder with Windows Explorer. A ‘Java_DB’ pop-up declares ‘access denied’.

FWIW: %JAVA_DB% is an environmental variable on my system.

???

The quarantine folder is being restricted for the user using Windows rights limitations. So, being blocked when accessing the folder is to be expected. See attached image.

I don’t know why an environmental variable would show up in the alert. Does this happen with 5.4 only?

[attachment deleted by admin]

I just figured out the pop-up title is whatever the current directory in Windows Explorer is. However, I’ve never seen the event listed in ‘View D+ events’ before.

Furthermore, ‘automatically quarantine’ is disabled, and I’ve not been alerted to any threats in a very long time. All threats ever ID’d were false positives and live in AV scan exclusions. To reiterate: AV events is empty and AV quarantine lists are both empty.

AND I’ve never performed any manual scans. I always check after a program update to see if there are AV scheduled scans, and if SVCHost is listed in the Windows System Applications file-group (and remove the entries when discovered).

Although users cannot enter the Quarantine folder, programs can. Do you have a disk defragmenter or other program that scans your hard drive in the background (Windows indexer or similar program)?

I am not quite sure what you mean here. Can you rephrase?

  1. No - I avoid any sort of scans like the plague; they alter the access time stamp which is essential for the defragger scheme. Indexing services are disabled. MS HDD optimization is disabled. I run Ultimate Defrag manually. The only other thing running in background is Windows Defender.

Perhaps this is some new functionality inherent to v5.4? Since I’ve configured stateful AV security level, some sort of scanning occurs after updating the AV defs. But still, ‘auto-quarantine’ is disabled. So how anything got into that folder in the first place is a mystery. I’m guessing only CIS should be writing to that folder.

The only thing I can think of is that it must be a vestige post-installation of cispremium_5_3_50343_1237.exe (prior to importing my pre-existing configs), i.e., something that lives in the AV exclusion list. I did that 11 Apr 16. Functionality in v5.4 discovered that file and looked it up in the cloud.

  2. Current directory means whatever the pathname is in Windows Explorer address bar. The pop-up name will be whatever that is if I navigate to the Quarantine folder via the left panel of Windows Explorer, e.g., if I click on the Quarantine folder in the right panel, the pop-up is named: ‘COMODO Internet Security’. If the right panel address is C:\Windows and I navigate to the Quarantine folder via the left panel, the pop-up will be named ‘Windows’.

That sounds logical to me.

2) current directory means whatever the pathname is in Windows Explorer address bar. The pop-up name will be whatever that is if I navigate to the Quarantine folder via the left panel of Windows Explorer, e.g., if I click on the Quarantine folder in the right panel, the pop-up is named: 'COMODO Internet Security'. If the right panel address is C:\Windows and I navigate to the Quarantine folder via the left panel, the pop-up will be named 'Windows'

I could not reproduce the behaviour.