If Kaspersky Security detects malicious code in a file while scanning a protected virtual machine, the application blocks the file, assigns the Infected status to it, places a copy of it in Backup, and attempts to disinfect the file.
Backup storage is a list of backup copies of files that have been deleted or modified by the application during the disinfection process. Backup copy is a file copy created by the application before disinfection or deletion of this file. Backup copies of files are stored in a special format and do not pose a threat.
On detecting malicious code in a file that is part of the Windows Store application, Kaspersky Security immediately deletes the file without copying it to Backup. You can restore the integrity of the Windows Store application using tools of the Microsoft Windows operating system.
If file disinfection succeeds, the status of the backup copy of the file changes to Disinfected. You can restore the file from its disinfected backup copy to its original folder.
In Kaspersky Security Center, in Backup there is a consolidated list of files that were placed in Backup by Kaspersky applications on devices. You can view the properties of files in Backups on protected virtual machines, run virus scan for the files in Backup, and delete files from Backup using the Administration Console or the Web Console. Kaspersky Security Center does not copy files from Backups to the Administration Server. Instead, all the files reside in Backups on protected virtual machines. Files are restored on the protected virtual machine.
You can work with the Backup on the protected virtual machine in the local interface of Light Agent for Windows or from the command line of Light Agent for Linux.
When the application is removed, Backup files are removed from the protected virtual machine.
When the defined amount of time expires and the maximum size of Backup is reached, the application automatically deletes backup copies of files with any status from Backup.
You can also manually delete the backup copy of either a restored or unrestored file.