Processing of active threats
An infected file is considered processed if Kaspersky Endpoint Security disinfected the file or removed the threat as part of scanning the computer for viruses and other malware.
Kaspersky Endpoint Security moves the file to the list of active threats if, for any reason, Kaspersky Endpoint Security failed to perform an action on this file according to the specified application settings while scanning the computer for viruses and other threats.
This situation is possible in the following cases:
- The scanned file is unavailable (for example, it is located on a network drive or on a removable drive without write privileges).
- In the Malware Scan task settings, the action on threat detection is set to Notify. Then, when the infected file notification was displayed on the screen, the user selected Skip.
If there are any unprocessed threats, Kaspersky Endpoint Security changes the icon to 
. In the main application window, the threat notification is displayed (see the figure below). In the Kaspersky Security Center console, the status of the computer is changed to Critical – 
.
How to process a threat in the Administration Console (MMC)
How to process a threat in the Web Console and Cloud Console
How to process a threat in the application interface
Main application window when a threat is detected
