Quarantine Scan
By default, after each database update, Kaspersky Embedded Systems Security performs the Quarantine Scan system task. The task settings are described in the table below. The Quarantine Scan task settings cannot be modified.
You can configure the task start schedule, start it manually, and modify the permissions of the account used to start the task.
After scanning quarantined objects following a database update, Kaspersky Embedded Systems Security may reclassify some of them as not infected: the status of such objects is changed to False alarm. Other objects may be reclassified as infected, in which case Kaspersky Embedded Systems Security handles such objects as specified by the Quarantine Scan task settings: disinfect, or delete if disinfection failed.
Quarantine Scan task settings
Quarantine Scan task setting | Value |
---|---|
Scan scope | Quarantine folder |
Security settings | The same for the entire scan scope; their values are provided in the next table |
Scan settings in the Quarantine Scan task
Security setting | Value |
---|---|
Scan objects | All objects included in the scan scope |
Optimization | Disabled |
Action to be performed with infected and other detected objects | Disinfect, delete if disinfection is impossible |
Action to be performed on infected objects | Skip |
Exclude objects | No |
Do not detect | No |
Stop scan if takes longer than (sec) | Not configured |
Do not scan objects larger than (MB) | Not configured |
Scan alternate NTFS streams | Enabled |
Boot sectors of drives and MBR | Disabled |
Using iChecker technology | Disabled |
Using iSwift technology | Disabled |
Scan compound objects |
|
Checking files for Microsoft signatures | Not performed |
Use heuristic analyzer | Enabled with Deep analysis level |
Trusted zone | Not applied |