Support

Support for business applications

Kaspersky Anti Targeted Attack (KATA) Platform

Data provision

Data of Kaspersky Endpoint Agent for Windows

Data on files that are blocked from starting

Kaspersky Anti Targeted Attack (KATA) Platform
Нет результатов
Knowledge Base Online Help
FAQ Download Forum Contact support Recovery tools

Data on files that are blocked from starting

8 November 2023

ID 194537

Data on files that are blocked from starting is stored in open non-encrypted form in the folder C:\ProgramData\Kaspersky Lab\Endpoint Agent\protected\kata.

By default, only users with System and Administrator permissions have read-access to files when Self-Defense is enabled. When Self-Defense is disabled, users with System and Administrator permissions can also delete the files, modify their contents, and modify the access rights to them. The Kaspersky Endpoint Agent application does not manage access permissions to this folder or any files in it. It is the system administrator who determines access permissions.

Data on files that are blocked from starting may contain the following information:

  • Full path to the blocked file.
  • MD5 hash of the file.
  • SHA256 hash of the file.
  • Process start command.

See also

Data received from the Central Node component

Data in alerts and events

Data contained in task completion reports

Data contained in an install log

Data related to the performance of tasks

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.