The search string is strict i.e. it must be an exact match. The query fields do not support wildcards.
Inputs for the fields are as follows:
Infected Files/Objects: File Name
Security Threat: Detection Name (e.g. BKDR_XXXX.XXX)
File Path: File Path of which subject files are detected
e.g. After a file [C:\temp\eicar.com.txt] was detected and quarantined, if you want to restore it,
Input: Infected Files/Objects: eicar.com.txt
Security Risk: Eicar_test_1
File Path: C:\temp\
For Security Risk, Threat Name is case sensitive.
You can leave the following fields empty when searching the quarantined files:
Security Risk:
File Path:
But if you want to search for [C:\temp\eicar.com.txt], you cannot use the following search phrase to search for a file detected under C:\temp\:
File Path: C:\