If malicious code is detected in a file, Kaspersky Endpoint Security blocks the file, assigns the Infected status to it, places a copy of it in Backup, and attempts to disinfect it. If file disinfection succeeds, the status of the backup copy of the file changes to Disinfected. The file becomes available in its original folder. If a file cannot be disinfected, Kaspersky Endpoint Security deletes it from its original folder. You can restore the file from its backup copy to its original folder.
Files with the Will be disinfected on computer restart status cannot be restored. Restart the computer, and the file status will change to Disinfected or Deleted. You can also restore the file from its backup copy to its original folder.
Kaspersky Endpoint Security automatically deletes backup copies of files with any status from Backup after the storage term configured in application settings has elapsed. You can also manually delete any copy of a file from Backup.
Upon detecting malicious code in a file that is part of the Windows Store application, Kaspersky Endpoint Security immediately deletes the file without moving a copy of the file to Backup. You can restore the integrity of the Windows Store application by using the appropriate tools of the Microsoft Windows 8 operating system (see the Microsoft Windows 8 help files for details on restoring a Windows Store application).
The set of backup copies of files is presented as a table. While managing Backup, you can perform the following actions with backup copies of files:
For a backup copy of a file, the path to the original folder of the file is displayed. The path to the original folder of the file may contain personal data.
You can also perform the following actions while managing data in the table:
You can copy information about selected Backup files to the clipboard. To select multiple Backup files, right-click to open the context menu of any file and choose Select all. To deselect files that you do not want to scan, click them while holding down the CTRL key.