Kaspersky Lab WorkSpace Security EU ED, 250-499u, 1Y, RNW KL4851XATFR Manual Do Utilizador
Códigos do produto
KL4851XATFR
U
S E R
G
U I D E
186
Possible responses:
Terminate
– completely shuts down the process attempting to inject.
Block
– blocks invaders.
Skip
– takes no actions; simply records information about it in a report.
To apply the selected action to all objects of the same status detected in the current session of protection component or a
task operation, check the
task operation, check the
Apply to all box. The current session is the time from when the component is started until it
is disabled or the application is restarted, or the time from beginning a virus scan until it is complete.
If you are sure that this action is not dangerous, we recommend adding it to the trusted zone to avoid Kaspersky Anti-
Virus making repeat false positives when that process attempts to inject into another process.
Virus making repeat false positives when that process attempts to inject into another process.
For example, you use an automatic keyboard layout toggler. Kaspersky Anti-Virus identifies the actions of those
programs as dangerous, since attempts to implement in other processes as used by these programs are typical of
several malicious programs (for example, password interceptors, etc.).
programs as dangerous, since attempts to implement in other processes as used by these programs are typical of
several malicious programs (for example, password interceptors, etc.).
H
IDDEN PROCESS DETECTED
When Proactive Defense detects a hidden process on your system, a special notification pops up containing:
The name of the threat as it is listed in the Kaspersky Lab Virus Encyclopedia. The name of the threat is given
as a link to
as a link to
, where you can find detailed information on the type of threat detected.
Full name of the hidden process file and a path to it.
Possible responses:
Quarantine
– place the process' executable file to quarantine. When you place an object in Quarantine, it is
moved, not copied. Files in Quarantine are saved in a special format and are not dangerous.
When you scan Quarantine later with updated threat signatures, the status of the object could change. For
example, the object may be identified as infected and can be processed using an updated database.
Otherwise, the object could be assigned the not infected status, and then restored.
example, the object may be identified as infected and can be processed using an updated database.
Otherwise, the object could be assigned the not infected status, and then restored.
If a file is quarantined manually and after a subsequent scan turns out to be uninfected, its status will not
change to OK immediately after the scan. This will only occur if the scan took place after a certain amount
of time (at least three days) after file quarantine.
change to OK immediately after the scan. This will only occur if the scan took place after a certain amount
of time (at least three days) after file quarantine.
Terminate
– shuts down the process.
Allow
– allows the process to execute.
To apply the selected action to all objects with the same status detected in the current session of the protection
component or the task, check the
component or the task, check the
Apply to all box. The current session is the time from when the component is
started until it is disabled or the application is restarted, or the time from beginning a virus scan until it is complete.
If you are sure that the program detected is not dangerous, we recommend adding it to the trusted zone to avoid
Kaspersky Anti-Virus making repeat false positives when detecting it.
Kaspersky Anti-Virus making repeat false positives when detecting it.
A
TTEMPT TO ACCESS THE SYSTEM REGISTRY DETECTED
When Proactive Defense detects an attempt to access system registry keys, a special notification pops up containing:
The registry key being accessed.