Detection of unwanted objects, such as malware, viruses, and other unwanted or entrusted objects, in an execution environment may be performed at a computer as part of endpoint detection of those unwanted objects. For example, an object, such as a file, document, program, and/or the like, may be analyzed as part of execution control to determine whether to allow execution of some portion of the object.