Rolling back malware operations affects a strictly defined set of data. Rollback has no adverse effects on the operating system or on the integrity of your computer data.
Open the Kaspersky Security Center Administration Console.
In the Managed devices folder in the Administration Console tree, open the folder with the name of the administration group to which the relevant client computers belong.
In the workspace, select the Policies tab.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Advanced Threat Protection → Remediation Engine.
Use the Remediation Engine check box to enable or disable the component.
In the lower part of the main application window, click the button.
In the application settings window, select Protection → Advanced Threat Protection → Remediation Engine.
Use the Remediation Engine toggle to enable or disable the component.
Save your changes.
As a result, if Remediation Engine is enabled, Kaspersky Endpoint Security will roll back the actions taken by malicious applications in the operating system.