The Connection Details section of the All Detection - Detection Details screen contains the following information:
Click View in Threat Connect to connect with Threat Connect, where you can search for current information about the threat.
Click Download and then select Connection Details to download a CSV file of the connection details.
Click Download and then select Detected File to download a password-protected ZIP archive containing the detected file.
If a packet capture has been enabled and the detection matched a packet capture rule, click Download and then select PCAP File to download a password-protected ZIP archive containing the pcap file. In the pcap file, the comment "Detected Packet" in the "pkt_comment" field marks the packet that triggered the detection.
Click Download and then select All to download a password-protected ZIP archive containing the detected file, the packet capture file, and the connection details.
Important
Suspicious files and pcap files must always be handled with caution. Extract the detected file and pcap file at your own risk. Trend Micro recommends analyzing the files in an isolated environment.
The password for the ZIP archive is "virus".
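To find the marked packet without opening the capture in a GUI, the following added example (not Trend Micro code) scans a capture for the "Detected Packet" comment and returns the matching packet numbers. It assumes the downloaded capture is in pcapng format, where a per-packet comment is stored as an opt_comment option on an Enhanced Packet Block; the function names and the sample capture are constructed for illustration.

```python
import struct

MARKER = "Detected Packet"  # comment text named in the documentation above
EPB, SHB = 0x00000006, 0x0A0D0D0A  # pcapng Enhanced Packet / Section Header blocks

def pad4(n):
    return (n + 3) & ~3  # pcapng pads variable-length fields to 32 bits

def find_marked_packets(data, marker=MARKER):
    """Return 1-based numbers of packets whose opt_comment equals marker."""
    hits, pos, pkt_no, end = [], 0, 0, "<"
    while pos + 12 <= len(data):
        if struct.unpack_from("<I", data, pos)[0] == SHB:
            # The byte-order magic sets the endianness for this section.
            end = "<" if data[pos + 8:pos + 12] == b"\x4d\x3c\x2b\x1a" else ">"
        btype, blen = struct.unpack_from(end + "II", data, pos)
        if blen < 12 or blen % 4 or pos + blen > len(data):
            raise ValueError(f"corrupt or truncated block at offset {pos}")
        if btype == EPB:
            pkt_no += 1
            caplen = struct.unpack_from(end + "I", data, pos + 20)[0]
            # Options follow the padded packet data and precede the trailing length.
            opt, stop = pos + 28 + pad4(caplen), pos + blen - 4
            while opt + 4 <= stop:
                code, olen = struct.unpack_from(end + "HH", data, opt)
                if code == 0:  # opt_endofopt
                    break
                value = data[opt + 4:opt + 4 + olen]
                if code == 1 and value.decode("utf-8", "replace") == marker:
                    hits.append(pkt_no)  # code 1 is opt_comment
                opt += 4 + pad4(olen)
        pos += blen
    return hits

# The helpers below only build the constructed, little-endian sample capture.
def _block(btype, body):
    total = 12 + len(body)
    return struct.pack("<II", btype, total) + body + struct.pack("<I", total)

def _epb(payload, comment=None):
    body = struct.pack("<IIIII", 0, 0, 0, len(payload), len(payload))
    body += payload.ljust(pad4(len(payload)), b"\0")
    if comment is not None:
        c = comment.encode()
        body += struct.pack("<HH", 1, len(c)) + c.ljust(pad4(len(c)), b"\0") + b"\0" * 4
    return _block(EPB, body)

# Constructed sample: three packets, the second carries the detection marker.
SAMPLE = (_block(SHB, struct.pack("<IHHq", 0x1A2B3C4D, 1, 0, -1))
          + _block(1, struct.pack("<HHI", 1, 0, 65535))
          + _epb(b"\x01" * 60) + _epb(b"\x02" * 61, MARKER) + _epb(b"\x03" * 60, "note"))
```

On a real capture, pass the bytes of the extracted file to find_marked_packets() inside the isolated analysis environment; the parser only reads block headers and options and never interprets packet payloads.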