Quarantine and Backup storage
Quarantine is a special repository that stores the objects possibly infected with viruses. Potentially infected objects are objects that are suspected of being infected with viruses or their modifications.
A potentially infected object can be detected and quarantined by File Anti-Virus, Mail Anti-Virus, Proactive Defense or in the course of a virus scan.
Objects are quarantined in the following cases:
- Object code resembles a known but partially modified threat, or has malware-like structure but is not registered in the database. In this case objects are moved to Quarantine after heuristic analysis performed by the File Anti-Virus, Mail Anti-Virus or during anti-virus scan. Heuristic analysis rarely causes false alarms.
- The sequence of operations performed by an object looks suspicious. In this case objects are moved to Quarantine after the analysis of their behavior by Proactive Defense component.
When you place an object in Quarantine, it is moved, not copied: the object is deleted from the disk or email, and saved in the Quarantine folder. Files in Quarantine are saved in a special format and are not dangerous.
Backup storage is designed for storing backup copies of infected objects that could not been disinfected immediately after detection.
It is possible that after the next databases update, Kaspersky Anti-Virus will be able to identify the threat unambiguously and neutralize it. Due to this fact, the application scans quarantined objects after each update.
|
In this section: |