Click any of the items in the Malicious programs and exploits panel, or the Malicious programs and exploits section in the Classification of all programs run and scanned panel, to view a list of all the threats found on the computers protected with Adaptive Defense 360.
There, select Malicious programs.
The default option is Malicious programs.
The top of the window displays a search tool:
Filter (1) restricts the search indicated in text box (2):
Computer: The search string will be applied to the computer name.
Name: The search string will be applied to the malware name.
Date: The search string will be applied to the date of detection.
MD5: MD5 hash value identifying the file.
Infection source: The search string will be applied to the computer that the infection originated from. The text string will be searched in the following fields:
Infection source computer.
Infection source computer IP address.
Infection source user.
Filter (3) shows those threats that match the selected criteria:
Run: The malware was run and the computer is infected.
Not run: Malware detected by the vulnerability protection.
Blocked: Malware identified by Adaptive Defense 360 and prevented from running.
Allowed by the end user: Malware identified by Adaptive Defense 360 and allowed to run by the user.
Access to data files: The malware accessed the disk to collect information from the computer, or to create the files and resources necessary for its execution.
Communications: The malware opened sockets for communicating with other computers, including localhost.
Deleted.
Disinfected: The file was disinfected by the antivirus.
Quarantined: The file could not be disinfected and was sent to quarantine.
The table fields are as follows:
Computer: Computer where the detection took place.
Name: Malware name.
Path: Full path to the infected file.
Already run: The malware has been run.
Accessed data: The threat has accessed files located on the user's computer.
Made external connections: The threat has communicated with remote computers to send or receive data.
Last action: Action taken on the malware (block, allow, quarantine, delete, disinfect, allow by the user, etc.).
Risk: The risk will be high, medium or low, depending on the malware's activity: whether it was actually run, accessed data and/or has communicated with external computers.
Date: Date when the malware was detected on the computer.
Click the arrow after the Date column to display additional information about the detection, for example dwell time, detection technology, infection source computer IP address and user, as well as other details regarding the malware life cycle and the number of times it has been seen on the network.
Also, this panel will allow you to:
Prevent the item from being detected again.
Restore the item and prevent it from being detected again.
Use the activity graph to view a graphical representation of the actions performed by the threat.
Click the icon in the Action column to display the command line and execution parameters used in the attack. You can copy this data by selecting the text and using the Copy-Paste option in the context (right-click) menu.
You can also export this information. Use the option to export the malware life cycle to .CSV format. You'll find it in the upper-right corner of the window.