Next Topic

Previous Topic

Book Contents

View Threats

The View Threats page lists files that have been placed in quarantine due to a suspicious or confirmed threat. The page provides you with the following actions:

  • Restore As Is - Restore the file from quarantine and make no changes to it.
  • Attempt to Clean & Restore - Attempt to remove the malware infecting the file, then restore the file.
  • Delete - Delete the file.
  • Cancel Pending Operation - Cancel any of the other actions, if they have not yet been completed.
  • Add to PUP Exclusion List - Selected threats are added to the exclusion list for the profile assigned to the machine they were found on. The PUP Exclusion List is maintained using the Define Profile > PUP Exclusions tab.
  • Purge - Removes the threat record without taking any other action.

Note: If both cleaning and deletion fail, it may mean the file is open. Kill any processes keeping the file open and try to delete the file again.

Current / Historical

Click the Current Threats tab to display threats you can take action on. Click the Historical Threats tab to display threats you have already taken action on. For example, purged and deleted threats display only on the Historical Threats tab.

Note: Any malware detected by MS Exchange Server email protection is immediately deleted from the MS Exchange Server and displays only on the Historical Threats tab of the View Threats page.

Apply Filter / Reset Filter

Click Apply Filter to filter the rows displayed by the text entered in the Machine.Group, File Path or Threat Name fields. Click Reset Filter to display all rows of data.

Filter Fields

Filter the display of threats using text fields, a date range and/or drop-down lists. Include an asterisk (*) wildcard with the text you enter to match multiple records.

  • Machine.Group - Filter by the machine ID.group ID of the managed machines reporting threats.
  • Threat Path - Filter by pathname location of files on managed machines with reported threats.
  • Time, Min, Max - Filter by a range of dates and times the threats were last detected.
  • Threat Name - Filter by the name of the threat, as designated by the anti-malware definitions used to detect a threat.
  • Category - Filter by the type of threat reported. Select All OFF or All ON to enable or disable all categories.
  • Actions - Filter by pending or completed actions taken against view threat records. Select All OFF or All ON to enable or disable actions.
  • Status - Filter by Pending or Failed. Displays only in the Current Threats page.