About active threats

Kaspersky Endpoint Security logs information about files that it has not processed for some reason. This information is recorded in the form of events in the list of active threats.

An infected file is considered processed if Kaspersky Endpoint Security performs one of the following actions on this file according to the specified application settings while scanning the computer for viruses and other threats:

• Disinfect.
• Remove.
• Delete if disinfection fails.

Kaspersky Endpoint Security moves the file to the list of active threats if, for any reason, Kaspersky Endpoint Security failed to perform an action on this file according to the specified application settings while scanning the computer for viruses and other threats.

This situation is possible in the following cases:

• The scanned file is unavailable (for example, it is located on a network drive or on a removable drive without write privileges).
• The action that is selected in the Action on threat detection section for scan tasks is Inform, and the user selects the Skip action when a notification about the infected file is displayed.

You can perform one of the following actions:

• Manually start a Custom Scan task for files in the list of active threats after updating databases and application modules. File status may change after the scan.
• Delete entries from the list of active threats.

Page top