If a file was incorrectly detected as bad and quarantined by OpenText™ Core Endpoint Protection, there are multiple options available to restore the files that were quarantined:
Option 1: Restore Point
If you are running in an Active Directory environment and have recent restore points for the affected machines, it is recommend to create a script to roll these machines back to a time prior to the issue.
Option 2: Access to Client (Agents MUST be in an Unmanaged policy for this option.)
If you can access the affected computers and launch the OpenText™ Core Endpoint Protection GUI, you can use the agent GUI to restore the files from quarantine.
For information on modifying endpoint policies, click here.
Option 3: Access to client & reboot to safe mode w/ Networking
If access to the affected endpoint is not possible because it cannot boot normally, try booting in Safe Mode with networking. If this is successful open the OpenText™ Core Endpoint Protection GUI and restore the files from quarantine. This should restore the files to a state prior to the issue.
Option 4: Agent Commands via Console
Finally, you can issue agent commands from the Console
If you are running in an Active Directory environment and have recent restore points for the affected machines, it is recommend to create a script to roll these machines back to a time prior to the issue.
Option 2: Access to Client (Agents MUST be in an Unmanaged policy for this option.)
If you can access the affected computers and launch the OpenText™ Core Endpoint Protection GUI, you can use the agent GUI to restore the files from quarantine.
For information on modifying endpoint policies, click here.
Option 3: Access to client & reboot to safe mode w/ Networking
If access to the affected endpoint is not possible because it cannot boot normally, try booting in Safe Mode with networking. If this is successful open the OpenText™ Core Endpoint Protection GUI and restore the files from quarantine. This should restore the files to a state prior to the issue.
Option 4: Agent Commands via Console
Finally, you can issue agent commands from the Console
- Log into the OpenText™ Management Console.
- In the left nav bar, click Entities.
- In the Sites & Groups list, find and click the Site name that contains the devices that need files restored.
- Check the boxes for the devices, then click the Agent Commands drop-down menu at the top of the screen.
- Select the agent command - Restore Files, which opens a new window.
- Enter the MD5 File Hash for the files to restore. A list is available in the device details section.
Tip: Click the device in the Entities section to view the device details. - Click Restore File, the system will briefly display a Success message.
- Agent Commands are received and processed during the polling interval assigned to the policy for that device.
- For information on forcing a device to check-in, click here.
If you need additional assistance, click here for Support options.
Thanks for your feedback!
Powered by NOHOLD Inc. U.S. Patent No. 10,659,398
All Contents Copyright© 2025