Dangerous activity detected in the system
When Proactive Defense detects dangerous application activity on your system, a notification pops up.
The notification contains the following information:
- Threat description.
- Type of threat and name of the malicious object as listed in the Kaspersky Lab Virus Encyclopedia.
The icon is displayed next to the name of the malicious object. Click it to open the window with information about the object. Clicking the www.securelist.com/en/ link in this window allows you to go to the Virus Encyclopedia website and obtain more detailed information about the threat posed by the object.
- ID of the process and name of the application file, including the path to it.
You can select one of the following actions:
A certain folder, where all possibly infected objects are placed, which were detected during scans or by real-time protection.
With further scans of Quarantine, the status of the object may change. For example, the object may be identified as infected and can be processed using an updated database. Otherwise, the object could be assigned the not infected status, and then restored.
If you manually move to Quarantine a file that turns out to be not infected at the next scan, its status changes to OK only if the file has been scanned for three days after it had been moved to Quarantine, or later.
– close the application, move the application file to Quarantine where it poses no threat to your computer’s security.
- – interrupt the application from running.
- Allow – allows the application to run.
To apply the selected action to all objects with the same status detected in the current session of Proactive Defense operation, check the
box. The current session is the time since the moment the component was started until the moment it was closed or the application was restarted.If you are sure that the program detected is not dangerous, we recommend adding it to the trusted zone to avoid Kaspersky Anti-Virus making repeat false positives when detecting it.