The Remediation Engine lets Kaspersky Endpoint Security roll back actions that have been performed by malware in the operating system.
When rolling back malware activity in the operating system, Kaspersky Endpoint Security handles the following types of malware activity:
Kaspersky Endpoint Security deletes executable files that have been created by a malicious program and are located on any media, except for network ones.
Kaspersky Endpoint Security deletes executable files that were created by programs that have been infiltrated by malware.
Kaspersky Endpoint Security does not restore changed or deleted files.
Kaspersky Endpoint Security deletes partitions and registry keys that have been created by malware.
Kaspersky Endpoint Security does not restore modified or deleted partitions and registry keys.
Kaspersky Endpoint Security terminates processes that have been initiated by a malicious program.
Kaspersky Endpoint Security terminates processes into which a malicious program has penetrated.
Kaspersky Endpoint Security does not resume processes that have been halted by a malicious program.
Kaspersky Endpoint Security blocks the network activity of malicious programs.
Kaspersky Endpoint Security blocks network activity of processes into which a malicious program has penetrated.
A rollback of malware actions can be started by the File Threat Protection component or during a virus scan.
Rolling back malware operations affects a strictly defined set of data. Rollback has no adverse effects on the operating system or on the integrity of your computer data.
Page top