Dangerous activity detected in the system
When Proactive Defense detects dangerous application activity on your system, a notification pops up.
The notification contains the following information:
You can select one of the following actions:
- Quarantine – close the application, move the application file to Quarantine where it poses no threat to your computer’s security.
A certain folder, where all possibly infected objects are placed, which were detected during scans or by real-time protection.
With further scans of Quarantine, the status of the object may change. For example, the object may be identified as infected and can be processed using an updated database. Otherwise, the object could be assigned the not infected status, and then restored.
If you manually move to Quarantine a file that turns out to be not infected at the next scan, its status changes to OK only if the file has been scanned for three days after it had been moved to Quarantine, or later.
- Terminate – interrupt the application from running.
- Allow – allows the application to run.
To apply the selected action to all objects with the same status detected in the current session of Proactive Defense operation, check the  Always perform in such cases box. The current session is the time since the moment the component was started until the moment it was closed or the application was restarted.
If you are sure that the program detected is not dangerous, we recommend adding it to the trusted zone to avoid Kaspersky Internet Security making repeat false positives when detecting it.
|
Page top 
icon is displayed next to the name of the malicious object. Click it to open the window with information about the object. Clicking the