Skip to main content

Quarantine page in OneView

When malicious files are detected and quarantined, the files and registry settings are copied and encrypted into a quarantine folder on the endpoint. The Quarantine page in Malwarebytes OneView is an index for each item on the endpoint and allows you to restore or delete detected files.  

While Malwarebytes uses its best judgment whether a file is a threat, false positives are possible. You may also find items in Quarantine which are legitimate. View detected items and cross check the information to verify if the file is legitimate with other Threat Intelligence databases such as VirusTotal using the SHA256 hash of the file.

At the top of the page, click the Select a site dropdown to filter the Quarantine table for a site. The Quarantine table helps you manage the available information more efficiently. The following features are available on the Quarantine table:

  • Reset filters: In the upper-right corner of the page, click Reset filters 2021-01-11_12-01-49.png to go back to the default filter settings.
  • Customize table columns: In the top-right of the table, click Add / Remove Columns to customize the table columns.
  • Column pinning and auto-sizing: Next to a column header, click the filter 2020-08-06_13-31-16__1_.png button to display a checkbox list of different sub-filters you can apply. Click the filter 2020-08-06_13-31-16__1_.png tab to pin or auto size for the selected column.
  • Right-click menu: In the table, click and drag to select and highlight a section of the table. Right-click on your selected information to copy or export a .csv or an .xlsx file.
  • Select all: Click the checkbox next to the Threat name column header.
  • Actions menu: In the top-right, click the kebab icon mceclip0.png for additional actions.
    • Download .csv: Export a report in .csv format containing the selected rows of data.
    • Download .xlsx: Export a report in .xlsx format containing the selected rows of data.
    • Restore: Restore the selected files from quarantine.
    • Create exclusion: Create exclusions on the selected quarantined items. Only Global Administrators and Site Administrators can create exclusions. For more information on exclusions, see Overview of exclusions in OneView.
    • Restore & Create exclusion: Restore and create exclusions on the selected quarantined items. 
    • Delete: Delete the files from quarantine. This action cannot be undone and files cannot be restored once deleted.

 

For more information, see Malwarebytes OneView User Guide.

Related articles