Enable Behavior Detection

This check box enables or disables the Behavior Detection component.

The check box is selected by default.

Action on malware activity detection

The action to be performed by Kaspersky Endpoint Security upon detecting malicious activity in the operating system:

• Block the application that performs malicious activity (default value). Kaspersky Endpoint Security terminates the process that performs malicious activity and logs information about the detected malicious activity.
• Inform user. Kaspersky Endpoint Security does not terminate the process that performs malicious activity; it only records the detection of malicious activity in the event log.

Use exclusions by process

This check box enables or disables exclusions by process in the operation of the Behavior Detection component.

This check box is cleared by default.

The Configure button opens the Exclusions by process window. In this window, you can exclude the activity of processes.