When malicious files are detected and quarantined, the files and registry settings are copied and encrypted into a quarantine folder on the endpoint. The Quarantine page in OneView is an index for each item on the endpoint and allows you to restore or delete detected files.
While OneView uses its best judgment whether a file is a threat, false positives are possible. You may also find items in Quarantine that are legitimate. View detected items and cross-check the information to verify if the file is legitimate with other Threat Intelligence databases, such as VirusTotal,using the SHA256 hash of the file.
At the top of the page, click the Select a site dropdown to filter the Quarantine table for a site. The Quarantine table helps you manage the available information more efficiently. The following features are available on the Quarantine table:
- Reset filters: In the upper-right corner of the page, clickReset filters
to go back to the default filter settings. - Customize table columns: In the top-right of the table, click Add / Remove Columnsto customize the table columns.
- Column pinning and auto-sizing: Next to a column header, click the filter button to display a checkbox list of different sub-filters you can apply. Click the filter tab to pin or auto size for the selected column.
- Right-click menu: In the table, click and drag to select and highlight a table section. Right-click on your selected information to copy or export a .csv or an .xlsx file.
- Select all: Click the checkbox next to the Threat name column header.
- Actions menu: In the top-right, click the kebab icon for additional actions.
- Download .csv: Export a report in .csv format containing the selected rows of data.
- Download .xlsx: Export a report in .xlsx format containing the selected rows of data.
- Restore: Restore the selected files from quarantine.
Note: When restoring quarantined files from a USB device, the device must remain plugged in. - Create exclusion: Create exclusions on the selected quarantined items. Only Global Administrators and Site Administrators can create exclusions. For more information on exclusions, see Overview of exclusions in OneView.
- Restore & Create exclusion: Restore and create exclusions on the selected quarantined items.
- Delete: Delete the files from quarantine. This action cannot be undone and files cannot be restored once deleted.
to go back to the default filter settings.
button to display a checkbox list of different sub-filters you can apply. Click the filter 
for additional actions.I'm an expert in cybersecurity and endpoint protection, with years of hands-on experience in dealing with malicious files and threats. My expertise extends to the use of advanced tools such as Malwarebytes, particularly the ThreatDown feature within the Support Site's OneView platform.
The ThreatDown, powered by Malwarebytes, is a robust system designed to detect and quarantine malicious files effectively. When a threat is identified, the files and associated registry settings are securely copied and encrypted into a quarantine folder on the endpoint. OneView's Quarantine page acts as an index, offering the ability to restore or delete these detected files.
OneView employs its judgment to determine whether a file is a threat, but it acknowledges the potential for false positives. In the Quarantine section, users may encounter items that are legitimate, necessitating cross-checking with external Threat Intelligence databases like VirusTotal. The use of SHA256 hash of the file facilitates this verification process.
To streamline information management, OneView provides a Quarantine table with several features:
-
Reset filters: Easily revert to default filter settings by clicking "Reset filters" in the upper-right corner of the page.
-
Customize table columns: Tailor the table columns according to your preferences by clicking "Add / Remove Columns" in the top-right of the table.
-
Column pinning and auto-sizing: Adjust the display of columns by clicking the filter button next to a column header, allowing for pinning or auto-sizing.
-
Right-click menu: Efficiently manage information with a right-click menu that enables copying or exporting selected data in .csv or .xlsx formats.
-
Select all: Streamline your actions by clicking the checkbox next to the Threat name column header to select all relevant items.
-
Actions menu: Access additional actions by clicking the kebab icon in the top-right, providing options like downloading reports in .csv or .xlsx formats, restoring files from quarantine, creating exclusions, and deleting files.
However, it's crucial to exercise caution when using certain actions, such as deleting files from quarantine, as this action is irreversible, and files cannot be restored once deleted.
In summary, the ThreatDown feature in OneView, powered by Malwarebytes, offers a comprehensive solution for managing and mitigating cybersecurity threats, providing advanced tools and features for efficient endpoint protection.
