Choose action in the event malicious activity is detected in a program

When Kaspersky Endpoint Security detects malicious activity of an application, it logs the Malicious object detected entry in application reports (Reports → Behavior Detection).

In order to choose what to do if a program engages in malicious activity, perform the following steps:

1. In the main application window, click the Settings button.
2. In the left part of the window, in the Advanced Threat Protection section, select the Behavior Detection subsection.

   In the right part of the window, the settings of the Behavior Detection component are displayed.

3. Select the necessary action in the On detecting malware activity drop-down list:
   • Delete file.

     If this item is selected, on detecting malicious activity Kaspersky Endpoint Security deletes the executable file of the malicious application and creates a backup copy of the file in Backup.

   • Terminate the program.

     If this item is selected, on detecting malicious activity Kaspersky Endpoint Security terminates this application.

   • Inform.

     If this item is selected and malware activity of an application is detected, Kaspersky Endpoint Security adds information about the malware activity of the application to the list of active threats.

4. To save changes, click the Save button.

Page top