Centralized Quarantine

Use this page to centrally view and manage all infected and suspicious files quarantined on endpoints in your environment that cannot be cleaned or deleted at time of detection.

Option	Description
Scan Now	Launches the Scan Now -Virus and Malware Scan wizard. Ensure the latest version of the definition file is installed on the endpoint, as it may contain the definition required to clean the threat detected. Expand the section to view the AV Definition Detected column.
Delete	Deletes selected files from the quarantine on the endpoints. Occasionally the damage caused by a virus renders a file unable to be cleaned and must be deleted. If the file is required to regain the functionality of a program, recover it from a back-up or obtain a copy from a trustworthy source, like the vendor.
Restore	Restores selected files. The only files you should restore are those for which no back-up exists or no copy can be obtained from a trustworthy source, like a vendor. It can be a file that contains important information (for example, a document) or is required to regain the functionality of a program that needs the file to run.

Option

Description

Scan Now

Launches the Scan Now -Virus and Malware Scan wizard.

Ensure the latest version of the definition file is installed on the endpoint, as it may contain the definition required to clean the threat detected. Expand the section to view the AV Definition Detected column.

Delete

Deletes selected files from the quarantine on the endpoints.

Occasionally the damage caused by a virus renders a file unable to be cleaned and must be deleted. If the file is required to regain the functionality of a program, recover it from a back-up or obtain a copy from a trustworthy source, like the vendor.

Restore

Restores selected files.

The only files you should restore are those for which no back-up exists or no copy can be obtained from a trustworthy source, like a vendor. It can be a file that contains important information (for example, a document) or is required to regain the functionality of a program that needs the file to run.

Important: Before you Delete or Restore a file:

Monitor the endpoint for behavior that indicates the quarantined file is needed by a program to function, requiring that a replacement file be obtained.
Ensure the latest version of the definition file is installed on the endpoint, as it may contain the definition required to clean the threat detected. Expand the section to view the AV Definition Detected column.
Consider submitting the quarantined file you want to restore for further analysis. It may be a new virus or a variant of an existing one.

Main Table Columns

Column	Description
File Name	Name of the file AntiVirus has quarantined
Virus/Malware Name	Name of the Virus or Malware detected in the file.
Last Detection date (server)	Point in time when the latest file of this type was detected in your environment.
Endpoints Affected	Number of endpoints in your environment where this file is infected.

File Details Columns

Column	Description
Endpoints	Name of the endpoint with the quarantined file. Click the hyperlink for more details.
IP Address	IP address of the endpoint with the quarantined file.
AV Definition Detected	Version number of the AV definition file installed on the endpoint.
Status	The current status of the quarantined file. The status will be pending when you the system is in the process of deleting or restoring the file from endpoints.
File Path	Path of the location on the endpoint where the file was originally before it was moved to quarantine.
Detection Date	Point in time when the file was scanned using the latest AntiVirus definition file.
SHA-256 Hash	Unique hash assigned to quarantined infected file. SHA-256 is a cryptographic hash function with a 256-bit hash value, typically expressed as a 64 digit hexadecimal number.