Detections

Antivirus (Classic) > Show > Detections

The Detections page displays virus threats not automatically resolved by Antivirus (Classic). Use the information listed on this page to investigate threats further and manually remove them. The list of machines displayed depends on the machine ID / group ID filter and machine groups the user is authorized to see using System > Scopes.

Actions

• Details - Click to learn more about a selected threat from Kaspersky’s Securelist web site.
• Add Exclusion - Adds selected rows to the excluded list.
• Delete - Sends a request to the endpoint to delete the quarantined file.
• Restore - Sends a request to the endpoint to remove the file from quarantine. The file is no longer considered a threat.
• Hide - Do not show in this list. Hiding does not delete the threat.
• Filter - Filters the list by one of the following:
  • Active Threats - Displays Antivirus (Classic) threats that have been detected but not yet disinfected, deleted or excluded.
  • Quarantined Files - Displays quarantined files.
  • Deleted Files - Displays a list of deleted files.
  • Threats Last <N periods> - Filters the list by one or several predefined time periods.
  • Clear Filter - Removes all filtering from the list.

Table Columns

• Machine Name - The machine ID.
• Name - The name of the threat.
• Path - The location of the threat on the managed machine.
• Time - The date and time the threat was detected.
• Status - The status of the threat. Status messages include but are not limited to:
  • Infected - File was found to be infected with a virus.
  • Suspicious - File is suspicious. Usually this means malware but is not a confirmed, known virus.
  • Disinfected - Kaspersky cleaned the virus from the file.
  • Deleted - File was deleted, either automatically or after it was in quarantine.
  • Quarantined - File is in quarantine, cannot be accessed by the user but can be restored or deleted. To restore a quarantined file, use the password displayed for a machine in the Machines > Details Panel.
  • Detected - Kaspersky made a detection but no action was taken: not quarantined, deleted, etc. This can potentially be an active threat. User needs to process the threat using options available in Manage Detection.
  • Not Found - The file no longer exists. It may have been deleted after it was detected, but it wasn't deleted by Kaspersky. This can occur when a temporary file is found, for example a cookie or temp file, that has already been deleted by deleting the browser cache.
  • Unknown - The file is not recognized by Kaspersky's virus definitions. If further investigation is required, create a Kaseya support ticket.
  • RemediatedByUser - The file was handled manually by the user. In this case, the user got a pop-up asking if they wish to delete/quarantine/ignore this threat and the user took the action on their own.
• Type - The category of threat.
• Profile Name - The name of the profile in use when this threat was detected.