An infected file is considered processed if Kaspersky Endpoint Security disinfected the file or removed the threat as part of scanning the computer for viruses and other malware.
Kaspersky Endpoint Security moves the file to the list of active threats if, for any reason, Kaspersky Endpoint Security failed to perform an action on this file according to the specified application settings while scanning the computer for viruses and other threats.
This situation is possible in the following cases:
The scanned file is unavailable (for example, it is located on a network drive or on a removable drive without write privileges).
In the Malware Scan task settings, the action on threat detection is set to Notify. Then, when the infected file notification was displayed on the screen, the user selected Skip.
If there are any unprocessed threats, Kaspersky Endpoint Security changes the icon to . In the main application window, the threat notification is displayed (see the figure below). In the Kaspersky Security Center console, the status of the computer is changed to Critical – .
In the Administration Console, go to the folder Administration Server → Additional → Repositories → Active threats.
The list of active threats opens.
Select the object that you want to process.
Choose how you want to handle the threat:
Disinfect. If this option is selected, the application automatically attempts to disinfect all infected files that are detected. If disinfection fails, the application deletes the files.
In the main window of the Web Console, select Operations → Repositories → Active threats.
The list of active threats opens.
Select the object that you want to process.
Choose how you want to handle the threat:
Disinfect. If this option is selected, the application automatically attempts to disinfect all infected files that are detected. If disinfection fails, the application deletes the files.
In the main application window, in the Monitoring section, click the Protection is at risk tile.
The list of active threats opens.
Select the object that you want to process.
Choose how you want to handle the threat:
Resolve. If this option is selected, the application automatically attempts to disinfect all infected files that are detected. If disinfection fails, the application deletes the files.
Add to exclusions. If this action is selected, Kaspersky Endpoint Security suggests adding the file to the list of scan exclusions. Settings of the exclusion are configured automatically. If adding an exclusion is not available, it means that the administrator has disabled adding exclusions in policy settings.
Ignore. If this option is selected, Kaspersky Endpoint Security deletes the entry from the list of active threats. If there are no active threats remaining on the list, the computer status will be changed to OK. If the object is detected again, Kaspersky Endpoint Security will add a new entry to the list of active threats.
Open containing folder. If this option is selected, Kaspersky Endpoint Security opens the folder containing the object in the file manager. You can then manually delete the object or move the object to a folder that is not within the protection scope.