Have a look at the 'automatic responses' chapter in the user guide, it should cover what you need.
I believe we leave a default response disabled (called 'Malware Detected') as part of the ePO install that you could modify.
"Automatic Responses use events that occur on systems in your environment that are delivered to the server and configured response rules associated with the group that contains the affected systems and each parent above it. If the conditions of any such rule are met, designated actions are taken, per the rule’s configurations."
Bear in mind that in an outbreak it can generate a lot of messages, which is why the concepts of throttling and aggregation are provided.
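The rule matching quoted above, together with aggregation and throttling, can be modelled in a few lines. This is an added example, not part of the original reply and not ePO's own code; the group names, event fields, thresholds and the exact aggregation and throttling semantics are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed group tree (child -> parent); None marks the root.
PARENT = {"My Organization": None, "Servers": "My Organization",
          "Workstations": "My Organization"}

@dataclass
class Rule:
    name: str
    group: str        # group the rule is associated with
    event_type: str   # condition the event must meet
    min_events: int   # aggregation: matching events needed inside `window`
    window: int       # aggregation window in seconds
    throttle: int     # minimum seconds between two triggers of this rule
    seen: list = field(default_factory=list)
    last_fired: int = None

def scope(group):
    """The group containing the system plus each parent above it."""
    groups = set()
    while group is not None:
        groups.add(group)
        group = PARENT[group]
    return groups

def process(event, rules):
    """Return the names of the rules whose action fires for this event."""
    ts, group, etype = event
    fired = []
    for r in rules:
        if r.group not in scope(group) or r.event_type != etype:
            continue
        r.seen = [t for t in r.seen if ts - t < r.window] + [ts]
        if len(r.seen) < r.min_events:
            continue  # aggregation threshold not reached
        if r.last_fired is not None and ts - r.last_fired < r.throttle:
            continue  # throttled: this rule fired too recently
        r.last_fired, r.seen = ts, []
        fired.append(r.name)
    return fired

def demo():
    rules = [Rule("Malware Detected", "My Organization", "malware", 3, 60, 60),
             Rule("Server malware", "Servers", "malware", 1, 60, 0)]
    # Constructed outbreak: one detection every 10 s on workstations,
    # followed by a single detection on a server.
    events = [(t, "Workstations", "malware") for t in range(0, 120, 10)]
    events.append((200, "Servers", "malware"))
    return [(e[0], name) for e in events for name in process(e, rules)]

if __name__ == "__main__":
    print(demo())
```

In this model, twelve workstation detections in two minutes produce two notifications from the root-level rule, and the rule scoped to the Servers group ignores them entirely.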