Detections

Anti-Malware (Classic) > Show > Manage Detections

The Detections page displays virus threats not automatically resolved by Anti-Malware (Classic). Use the information listed on this page to investigate threats further and manually remove them. The list of machines displayed depends on the machine ID / group ID filter and machine groups the user is authorized to see using System > Scopes.

Actions

• Details - Click to learn more about a selected threat from Kaspersky’s Securelist web site.
• Add Exclusion - Adds selected rows to the excluded list.
• Delete - Sends a request to the endpoint to delete the quarantined file.
• Restore - Sends a request to the endpoint to remove the file from quarantine. The file is no longer considered a threat.
• Hide - Do not show in this list. Hiding does not delete the threat.
• Filter - Filters the list by one of the following:
  • Clear Filter - Removes all filtering from the list.
  • Active Threats - Displays Anti-Malware (Classic) threats that have been detected but not yet disinfected, deleted or excluded.
  • Quarantined Files - Displays quarantined files.
  • Deleted Files - Displays a list of deleted files.
  • Threats Last <N periods> - Filters the list by one or several predefined time periods.

Table Columns

• Machine Name - The machine ID.
• Name - The name of the threat.
• Path - The location of the threat on the managed machine.
• Time - The date and time the threat was detected.
• Status - The status of the threat. Status messages include but are not limited to:
  • Detection by Scanner
    • Failed to unload process - A reboot is probably needed to complete the removal of malware.
    • Unloaded process successfully
    • Delete on reboot - A reboot is needed to complete the removal of malware.
    • Quarantined and deleted successfully
    • Not selected for removal - The item was not selected and probably is not a threat.
  • Detection by Protection Module
    • ALLOW - User has clicked Ignore on a malware detection.
    • QUARANTINE - User has clicked Quarantine on a malware detection
    • DENY - User has clicked Quarantine on a malware detection but the blocking was unsuccessful or detection already blocked.
• Type - The category of threat.
• Profile Name - The name of the profile in use when this threat was detected.