View and manage files quarantined by Anti-Malware in response to security events.
 |
WARNINGRestoring an infected file can spread the virus/malware to other files and computers.
Before restoring the file, isolate the infected endpoint and move important files
on this endpoint to a backup location.
|
In Endpoint Event Viewer, you can access a list of quarantined files in your environment
by accessing the Anti-Malware events list and enabling Identified file event view. Identified file event view displays events which have associated quarantined files
and whether you have created any Response tasks for the event.
While using Identified file event view, you can create certain management and Response
tasks on quarantined files in your environment. You can view the progress of created
tasks in Response Management.
 |
NoteIf you have determined the file to be safe, create an exception for the file before
restoring the file to prevent the
TrendAI Vision One™ Endpoint Security agent from quarantining the file again. You can create file exceptions
using file lists in Policy Resources. For more information, see File Lists.
|
|
Task
|
Description
|
Details
|
|
Delete files
|
Permanently delete selected quarantined files
|
Select one or more files and click Delete quarantined files
|
|
Restore files
|
Restore quarantined files on the affected endpoint
|
Select one or more files and click Restore quarantined files
|
|
Collect files
|
Collect quarantined files for download to your local endpoint
|
Select one or more files and click Collect quarantined files
Once the task is complete, you can download the collected files from Response Management.
Files are collected in a compressed ZIP file that is password protected. You must
copy the password from the download screen.
|