Please enable JavaScript in your web browser!
Remediation Engine
The Remediation Engine lets Kaspersky Endpoint Security roll back actions that have been performed by malware in the operating system.
When rolling back malware activity in the operating system, Kaspersky Endpoint Security handles the following types of malware activity:
File activity Kaspersky Endpoint Security performs the following actions:
Deletes executable files that were created by malware (on all media except network drives). Deletes executable files that were created by programs that have been infiltrated by malware. Restores files that have been modified or deleted by malware. The file recovery feature has a number of limitations .
Registry activity Kaspersky Endpoint Security performs the following actions:
Deletes registry keys that were created by malware. Does not restore registry keys that have been modified or deleted by malware. System activity Kaspersky Endpoint Security performs the following actions:
Terminates processes that have been initiated by malware. Terminates processes into which a malicious application has penetrated. Does not resume processes that have been halted by malware. Network activity Kaspersky Endpoint Security performs the following actions:
Blocks the network activity of malware. Blocks the network activity of processes that have been infiltrated by malware. A rollback of malware actions can be started by the File Threat Protection or Behavior Detection component, or during a malware scan .
Rolling back malware operations affects a strictly defined set of data. Rollback has no adverse effects on the operating system or on the integrity of your computer data.
How to enable or disable the Remediation Engine component in the Administration Console (MMC)
Open the Kaspersky Security Center Administration Console. In the console tree, select Policies . Select the necessary policy and double-click to open the policy properties. In the policy window, select Advanced Threat Protection → Remediation Engine . Use the Remediation Engine check box to enable or disable the component. Save your changes. How to enable or disable the Remediation Engine component in the Web Console and Cloud Console
In the main window of the Web Console, select Devices → Policies & profiles . Click the name of the Kaspersky Endpoint Security policy.The policy properties window opens.
Select the Application settings tab. Go to Advanced Threat Protection → Remediation Engine . Use the Remediation Engine toggle to enable or disable the component. Save your changes. How to enable or disable the Remediation Engine component in the application interface
In the main application window , click the button. In the application settings window, select Advanced Threat Protection → Remediation Engine . Use the Remediation Engine toggle to enable or disable the component. Save your changes. As a result, if Remediation Engine is enabled, Kaspersky Endpoint Security will roll back the actions taken by malicious applications in the operating system.
Page top