Kaspersky Lab Internet Security 2011, Base, 5U, 1Y, ENG KL1837UCEFS ユーザーズマニュアル
製品コード
KL1837UCEFS
U
S E R
G
U I D E
212
To apply the selected action to all objects with the same status detected in the current session of Proactive Defense,
check the Apply to all objects box. The current session is the time since the moment the component was started until
the moment it was closed or the application was restarted.
check the Apply to all objects box. The current session is the time since the moment the component was started until
the moment it was closed or the application was restarted.
If you are sure that the program detected is not dangerous, we recommend adding it to the trusted zone to avoid
Kaspersky Internet Security making repeat false positives when detecting it.
Kaspersky Internet Security making repeat false positives when detecting it.
R
OLLING BACK THE CHANGES MADE BY A DANGEROUS APPLICATION
When running of a potentially dangerous application finishes, you are advised to roll back (cancel) the changes that it
has made in the system. In this case, a notification with a request for changes rollback is displayed on the screen.
has made in the system. In this case, a notification with a request for changes rollback is displayed on the screen.
The notification provides the following information:
Request for rollback of the changes made by a potentially dangerous application.
Type and name of the application.
The
icon is displayed next to the name of the application. Click it to open the window with information about
the application.
ID of the process and name of the application file, including the path to it.
You can select one of the following actions:
Yes, roll back
– attempt to roll back the changes made by the application.
Skip
– cancel changes rollback.
M
ALICIOUS APPLICATION DETECTED
When System Watcher detects an application whose behavior completely matches the activities of malicious
applications, a notification is displayed on the screen.
applications, a notification is displayed on the screen.
The notification provides the following information:
Threat description.
Type and name of the malicious application.
The
icon is displayed next to the name of the application. Click it to open the window with information about
the application.
ID of the process and name of the application file, including the path to it.
Link to the window with the application emergence log.
You can select one of the following actions:
Quarantine
– close the application, move the application file to Quarantine where it poses no threat to your
computer's security.
With further scans of Quarantine, the status of the object may change. For example, the object may be identified
as infected and can be processed using an updated database. Otherwise, the object could be assigned the not
infected status, and then restored.
as infected and can be processed using an updated database. Otherwise, the object could be assigned the not
infected status, and then restored.
If you manually move to Quarantine a file that turns out to be not infected at the next scan, its status only
changes to OK if the file has been scanned for three days after it had been moved to Quarantine, or later.
changes to OK if the file has been scanned for three days after it had been moved to Quarantine, or later.
Terminate
– interrupt the application from running.