User guide
N O T I F I C A T I O N S
133
To apply the selected action to all objects of the same status detected in the current session of protection component or a
task operation, check the Apply to all box. The current session is the time from when the component is started until it
is disabled or the application is restarted or the time from beginning a virus scan until it is complete.
SUSPICIOUS OBJECT DETECTED
If File Anti-Virus, Mail Anti-Virus, or a virus scan detects an object containing code from an unknown virus or modified
code of a known virus, a special notification will pop up.
It contains:
The threat type (for instance, virus, Trojan) and the name of the object as listed in the Kaspersky Lab Virus
Encyclopedia. The name of the dangerous object is given as a link to www.viruslist.com, where you can find
more detailed information on the type of threat detected on your computer.
Full name of the object and a path to it.
You are asked to select one of the following responses to the object:
Quarantine – move the object to the quarantine. When you place an object in Quarantine, it is moved, not
copied: the object is deleted from the disk or email, and saved in the Quarantine folder. Files in Quarantine are
saved in a special format and are not dangerous.
When you scan Quarantine later with updated threat signatures, the status of the object could change. For
example, the object may be identified as infected and can be processed using an updated database. Otherwise,
the object could be assigned the not infected status, and then restored.
If a file is quarantined manually and after a subsequent scan turns out to be uninfected, its status will not change
to OK immediately after the scan. This will only occur if the scan took place after a certain amount of time (at
least three days) after quarantining the file.
Delete – delete the object. Before deleting, a backup copy of the object is created in case the necessity arises to
restore it or a portrait of its infection.
Skip – block access to the object but perform no actions on it; simply record information about it in a report.
You can later come back to skipped objects in the report window. However, you cannot postpone processing
objects detected in emails.
To apply the selected action to all objects of the same status detected in the current session of protection component or a
task operation, check the Apply to all box. The current session is the time from when the component is started until it
is disabled or the application is restarted or the time from beginning a virus scan until it is complete.
If you are sure that the object detected it is not malicious, we recommend adding it to the trusted zone to avoid the
program making repeat false positives when you use the object.
DANGEROUS ACTIVITY DETECTED IN THE SYSTEM
When Proactive Defense detects dangerous application activity on your system, a special notification pops up containing:
The name of the threat as it is listed in the Kaspersky Lab Virus Encyclopedia. The name of the threat is given
as a link to www.viruslist.com, where you can find detailed information on the type of threat detected.
Full name of the file of the process that initiated the dangerous activity and a path to it.