can you check if your config file has quar_hits=1 or quar_hits="1" Neither [ QUARANTINE OPTIONS ] ## # The default quarantine action for malware hits # [0 = alert only, 1 = move to quarantine & alert] quarantine_hits="0" Update: [root@server...