20.08.2013 Views

System Watcher: Heuristic Analyzer - Kaspersky Lab


Kaspersky PURE 2.0

System Watcher. Heuristic Analysis

Using patterns of dangerous behavior (BSS)

Patterns of dangerous activity (BSS – Behavior Stream Signatures) contain sequences of actions typical of applications classified as dangerous. In addition to exact matches between an application's activity and patterns of dangerous activity, System Watcher also detects actions that partly match these patterns and are considered suspicious on the basis of heuristic analysis. If suspicious activity is detected, System Watcher prompts the user for action regardless of the operation mode.

When a new virus or a new modification of already known malware is detected, the application does not update the entire System Watcher component; it simply adds a new template to the database of heuristics, which is updated together with the Kaspersky Lab databases.
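The exact-versus-partial matching described above, sketched as an added example (not Kaspersky Lab code). The action names, the templates, and the 0.6 partial-match threshold are assumptions for illustration, since the page does not publish BSS contents or how the heuristic scores a partial match.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Pattern:
    name: str
    steps: tuple  # ordered actions typical of a dangerous application

# Constructed templates (assumption): stand-ins for entries in the heuristics database.
PATTERNS = [
    Pattern("dropper-autorun", ("write_executable", "set_autorun_key", "spawn_process")),
    Pattern("hosts-tamper", ("open_hosts_file", "write_hosts_file", "flush_dns_cache")),
]
PARTIAL_THRESHOLD = 0.6  # assumed share of steps that counts as a partial match

def matched_steps(events, steps):
    """Number of leading pattern steps that appear, in order, in the event stream."""
    i = 0
    for event in events:
        if i < len(steps) and event == steps[i]:
            i += 1
    return i

def classify(events, patterns=PATTERNS, threshold=PARTIAL_THRESHOLD):
    """Return (verdict, pattern name) for one application's ordered action stream."""
    verdict, best_ratio = ("clean", None), 0.0
    for p in patterns:
        n = matched_steps(events, p.steps)
        if n == len(p.steps):
            return ("dangerous", p.name)      # exact match with a pattern
        ratio = n / len(p.steps)
        if ratio >= threshold and ratio > best_ratio:
            verdict, best_ratio = ("suspicious", p.name), ratio
    return verdict

def respond(verdict, configured_action="terminate"):
    """Map a verdict to a response; suspicious activity always prompts the user."""
    if verdict == "suspicious":
        return "prompt_user"                  # regardless of the operation mode
    return configured_action if verdict == "dangerous" else "none"

# Constructed event streams, one per observed application.
FULL = ["open_file", "write_executable", "read_registry", "set_autorun_key", "spawn_process"]
PARTIAL = ["write_executable", "set_autorun_key"]
BENIGN = ["open_file", "spawn_process"]
NEW_SAMPLE = ["stop_security_service", "write_executable", "spawn_process"]

if __name__ == "__main__":
    for stream in (FULL, PARTIAL, BENIGN, NEW_SAMPLE):
        verdict, name = classify(stream)
        print(verdict, name, respond(verdict, "quarantine"))
    # A new template is a data update; the matching code is unchanged.
    extra = PATTERNS + [Pattern("new-variant", tuple(NEW_SAMPLE))]
    print(classify(NEW_SAMPLE, extra))
```
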

To select the action that the component should perform if an application's activity matches a pattern of dangerous activity, perform the following actions:

1. Open the application settings window.

2. In the left part of the window under Protection select System Watcher.

3. In the right part of the component settings in the Heuristic Analysis section check the Use behavior stream signatures (BSS) box.

4. In the On detecting malware activity section perform the following actions:

   ► Select the "Select action automatically" variant (if the automatic protection mode is enabled). In this case System Watcher will automatically apply an action recommended by Kaspersky Lab specialists.

   ► Select the "Prompt for action" variant (if the interactive protection mode is enabled). In this case System Watcher will notify you of any suspicious activity detected in the system and will prompt for action: allow or block activity.

   ► Choose the "Select action" variant:

      ► Move file to Quarantine (malicious application will be moved to Quarantine).

      ► Terminate the malicious application (all processes of the malicious application will be terminated).

      ► Ignore (System Watcher takes no actions on the application).
