I recently received a spat of Keystroke Logger Activity detected, but KIS 7.0 was unable to detect who was doing it.

My option at this point was to go into Settings, Threats and Exclusions, Trusted Zone, Exclusion Mask and set up a mask with Threat Type and Component, but not specifying an Object, thus shutting down Proactive Defense for Keystroke Loggers.

Could you please create a class of Object called Unidentified? If a suspect activity is taking place and the offender can't be identified have an Object class called Unidentified would at least let some scanning for keystroke loggers continue without shutting down the whole Threat Type.

Is this a corner case? Yes. But if KIS can't identify an Object at least provide some means to continue partial protection against a Threat Type (in other words, KIS should learn to fail gracefully when faced with the unknown).

hello
can you post a screenshot of the exact exclusion? if it's a driver the exclusion can be mentioned inside the verdict (keylogger drivers\something) for example