Hidden process detected
If Proactive Defense detects a hidden process in the system, a notification is displayed on the screen.
The notification provides the following information:
- Threat description.
- Type and name of threat as listed in the Kaspersky Lab Virus Encyclopedia.
The icon is displayed next to the name. Click it to open the window with information about the threat. Clicking the www.securelist.com/en/ in the window allows you to go to the Virus Encyclopedia website and obtain more detailed information about the threat.
- Name of the process file, including the path to it.
You are asked to select one of the following actions:
A certain folder, where all possibly infected objects are placed, which were detected during scans or by real-time protection.
With further scans of Quarantine, the status of the object may change. For example, the object may be identified as infected and can be processed using an updated database. Otherwise, the object could be assigned the not infected status, and then restored.
If you manually move to Quarantine a file that turns out to be not infected at the next scan, its status changes to OK only if the file has been scanned for three days after it had been moved to Quarantine, or later.
– close the process, move the process file to Quarantine where it poses no threat to your computer’s security.
- – interrupt the process.
- Allow – allows the execution of the process.
To apply the selected action to all hidden processes with the same status detected in the current session of Proactive Defense operation, check the Always perform in such cases box. The current session is the time since the moment the component was started until the moment it was closed or the application was restarted.
If you are sure that the process detected is not dangerous, we recommend adding it to the trusted zone to avoid Kaspersky Anti-Virus making repeat false positives when detecting it.