Support

Support for business applications

Kaspersky Endpoint Security Cloud

Kaspersky Endpoint Security Cloud Management Console

Managing objects in Quarantine

About categories of objects in the Quarantine section

Kaspersky Endpoint Security Cloud
Knowledge Base Online Help
Advice & Solutions FAQ Download latest version Try Buy Renew Forum Contact support Recovery tools

About categories of objects in the Quarantine section

March 5, 2024

ID 119654

Security applications may move files to Quarantine or create backup copies while running malware scans on managed devices.

The Quarantine section of Kaspersky Endpoint Security Cloud Management Console contains three categories of objects:

  • Quarantine and backup

    This category includes files that could not be disinfected or were considered to be probably infected when they were detected, as well as files that were deleted or modified during disinfection.

    The Quarantine can contain files whose size is not more than 100 MB. If a file that needs to be quarantined is larger, the file remains intact and Kaspersky Endpoint Security for Windows generates a respective event.

  • Unprocessed files

    This category includes files whose disinfection failed or was postponed (for example, a file that is currently used by another process or an archived file that is not supported in the current version of Kaspersky Endpoint Security Cloud).

  • Detections of Adaptive Anomaly Control rules

    This category includes events about detections that were made during the training of Adaptive Anomaly Control rules in the Smart mode. When processing the list of detections, you can either confirm them or add them to exclusions, depending on whether a detection is actually anomalous behavior or not.

Selecting the Quarantine section in Kaspersky Endpoint Security Cloud Management Console displays a list of files in the Quarantine and backup category.

The Quarantine section displays files detected on Windows devices and Mac devices. Adaptive Anomaly Control detections are made only on Windows devices

Objects in the Quarantine section are stored in encrypted form.

You can perform the following actions in the Quarantine section:

  • View information about files.
  • Restore files to their original folders on the device.
  • Delete files.

The list of files in the Quarantine and backup and Unprocessed files categories is displayed as a table with the following columns:

  • File

    Name of the file and version of the operating system installed on the device on which the file was detected.

  • Device name

    Name of the device on which the file was detected.

  • Device owner

    Name of the device owner on whose device the file was detected.

  • Location (only in the Quarantine and backup category)

    Where the file is placed: Quarantine or Backup.

  • Last operation

    Last operation performed on the file, including the time, date, and name of the initiator of the operation.

You can sort the list of files by the Name column.

To sort the list,

Click the link containing the column name.

The column name is displayed in uppercase characters. Next to the name of the column, an up arrow (˄) indicates the sorting direction. To change the sorting direction, click one more time. Next to the name of the column, a down arrow (˅) appears.

Kaspersky Endpoint Security Cloud: High protection of the business via a cloud-based console
Protection of all devices against advanced threats. Take control of your cloud with Cloud Discovery.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.