System Watcher: rolling back malware actions - Kaspersky Lab
System Watcher: rolling back malware actions - Kaspersky Lab
System Watcher: rolling back malware actions - Kaspersky Lab
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Kaspersky</strong> PURE 2.0<br />
<strong>System</strong> <strong>Watcher</strong>:<br />
<strong>rolling</strong> <strong>back</strong> <strong>malware</strong> <strong>actions</strong>
<strong>Kaspersky</strong> PURE 2.0<br />
<strong>System</strong> <strong>Watcher</strong>. Rolling <strong>back</strong> <strong>actions</strong> performed by <strong>malware</strong><br />
You can use the product feature for <strong>rolling</strong> <strong>back</strong> the <strong>actions</strong> performed by <strong>malware</strong> in the<br />
system. To enable a roll-<strong>back</strong>, <strong>System</strong> <strong>Watcher</strong> should log the history of program activity.<br />
By default, <strong>Kaspersky</strong> PURE rolls <strong>back</strong> relevant operations automatically when the protection<br />
components detect malicious activity (<strong>rolling</strong> <strong>back</strong> <strong>actions</strong> after malicious activity is detected in<br />
the system can be initiated either by the <strong>System</strong> <strong>Watcher</strong> component based on patterns of<br />
dangerous activity, or by Proactive Defense, and during virus scan task run or File Anti-Virus<br />
operation).<br />
When running in interactive mode, <strong>System</strong> <strong>Watcher</strong> prompts the user for action. You can<br />
specify the operation which should be performed whenever malicious activity is detected. The<br />
procedure of <strong>rolling</strong> <strong>back</strong> <strong>malware</strong> operations affects a strictly defined set of data. It causes no<br />
negative consequences for the operating system or data integrity on your computer.<br />
To configure roll<strong>back</strong> of <strong>malware</strong> operations, perform the following <strong>actions</strong>:<br />
1. Open the application settings window.<br />
2. In the left part of the window under Protection select <strong>System</strong> <strong>Watcher</strong>.<br />
3. In the right part of the component settings in the Roll<strong>back</strong> of <strong>malware</strong> action s section<br />
specify <strong>actions</strong> that <strong>System</strong> <strong>Watcher</strong> should perform if it has a possibility to roll <strong>back</strong><br />
changes made by a malicious program:<br />
► Select the Select action automatically variant (if the automatic protection mode is<br />
enabled). In this case <strong>System</strong> <strong>Watcher</strong> will automatically apply an action<br />
recommended by <strong>Kaspersky</strong> <strong>Lab</strong> specialists.<br />
► Select the Prompt for action variant (if the interactive protection mode is enabled).<br />
In this case <strong>System</strong> <strong>Watcher</strong> will notify you that roll<strong>back</strong> is necessary and will<br />
prompt for action: perform or cancel roll<strong>back</strong>.<br />
► Select action<br />
If you choose the Select action variant, select an action from the drop-down list:<br />
► Roll <strong>back</strong><br />
► Do not roll <strong>back</strong><br />
1 | 2
<strong>Kaspersky</strong> PURE 2.0<br />
Pay attention, you can limit the amount of data stored for roll<strong>back</strong> by clicking the<br />
corresponding box in the Limit data to be stored for roll<strong>back</strong> section.<br />
4. Click the Apply button.<br />
2 | 2