System Watcher - Kaspersky Lab
System Watcher - Kaspersky Lab
System Watcher - Kaspersky Lab
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Kaspersky</strong> Anti-Virus 2012<br />
<strong>System</strong> <strong>Watcher</strong><br />
<strong>System</strong> <strong>Watcher</strong> in <strong>Kaspersky</strong> Anti-Virus 2012 collects data about applications actions on your<br />
computer and provides information to other components for improved protection.<br />
In <strong>Kaspersky</strong> Anti-Virus 2012 you can configure the <strong>System</strong> <strong>Watcher</strong> settings to perform a<br />
specified action when the application’s activity matches with the pattern of dangerous activity.<br />
<strong>System</strong> <strong>Watcher</strong> also allows you to roll back actions performed by malicious programs.<br />
Enabling/disabling <strong>System</strong> <strong>Watcher</strong><br />
By default, <strong>System</strong> <strong>Watcher</strong> is enabled, running in a mode that depends on the current mode of<br />
<strong>Kaspersky</strong> Anti-Virus 2012 – automatic or interactive.<br />
You are advised to avoid disabling the component, except for emergency cases, since this<br />
inevitably impacts efficiency of Proactive Defense and other protection components operation<br />
that may request the data collected by <strong>System</strong> <strong>Watcher</strong> in order to identify the potential threat<br />
detected.<br />
To disable <strong>System</strong> <strong>Watcher</strong>, perform the following actions:<br />
1. Open the application settings window.<br />
2. In the left part of the window under Protection Center select <strong>System</strong> <strong>Watcher</strong>.<br />
3. In the right part of the window<br />
► Uncheck the Enable <strong>System</strong> <strong>Watcher</strong> box, if you want to disable the component.<br />
► Check the Enable <strong>System</strong> <strong>Watcher</strong> box, if you want to enable the component.<br />
4. Click the Apply button.<br />
Using patterns of dangerous behavior (BSS)<br />
Patterns of dangerous activity (BSS – Behavior Stream Signatures) contain sequences of<br />
actions typical of applications classified as dangerous. In addition to exact matching between<br />
applications' activities and patterns of dangerous activity, <strong>System</strong> <strong>Watcher</strong> also detects actions<br />
that partly match patterns of dangerous activity, being considered suspicious based on the<br />
2 | 5