Support

Support for business applications

Kaspersky Endpoint Security 10 for Windows

Managing Quarantine and Backup

About Quarantine and Backup

Kaspersky Endpoint Security 10 for Windows
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ System requirements Upgrade to KES 12 for Windows Forum Contact support Recovery tools Product videos

About Quarantine and Backup

22 December 2022

ID 128121

Get as PDF

Quarantine is a list of probably infected files. Probably infected files are files that may contain viruses and other threats, or varieties of such threats.

When Kaspersky Endpoint Security quarantines a probably infected file, it does not copy the file, but moves it: the application deletes the file from the hard drive or email message and saves the file in a special data storage. Files in Quarantine are saved in a special format and do not pose a threat.

Kaspersky Endpoint Security can detect and quarantine a probably infected file while running a virus scan and also during operation of the File Anti-Virus, Mail Anti-Virus and System Watcher components.

Kaspersky Endpoint Security places files in Quarantine in the following cases:

  • File code resembles a known but partly modified malicious program, or has a malware-like structure, and is not listed in the Kaspersky Endpoint Security database. In this case, the file is placed in Quarantine after heuristic analysis by File Anti-Virus and Mail Anti-Virus, or during a virus scan. Heuristic analysis rarely causes false positives.
  • The sequence of operations that a file performs is dangerous. In this case, the file is placed in Quarantine after the System Watcher component has analyzed its behavior.

Backup is a list of backup copies of files that have been deleted or modified during the disinfection process. Backup copy is a file copy created at the first attempt to disinfect or delete this file. Backup copies of files are stored in a special format and do not pose a threat.

Sometimes it is not possible to maintain the integrity of files during disinfection. If you partially or completely lose access to important information in a disinfected file after disinfection, you can attempt to restore the disinfected copy of the file to its original folder.

It is possible that, after another database or application software module update, Kaspersky Endpoint Security can definitely identify the threats and neutralize them. It is therefore recommended to scan quarantined files after each database and application software module update.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.