The System Watcher component from Kaspersky Anti-Virus 2012 collects data concerning actions performed by applications on your computer and then collected data are used by other components to provide strong protection of your computer.
In Kaspersky Anti-Virus 2012 you can configure the System Watcher actions on suspicious application actions detection.
System Watcher uses heuristic analysis to detect actions which partially match to patterns of dangerous activity. If such actions are detected the application will ask a user to select an action to be performed with a suspicious program.
The technology use allows adding new patterns to the existing heuristic databases and, therefore, do not update the whole module. new signatues are added during anti-virus databases update. Heuristic analysis use allows blocking malicious actions of an application according to signatures of heuristic database.
In order to configure the System Watcher actions on suspicious detection, perform the following actions:
- open the main application window
- on the right upper corner, click Settings
- on the upper part of the Settings window, select Protection Center
- on the left hand part of the Settings window, select System Watcher
- on the right hand part of the Settings window, check the box Enable System Watcher
- on the right part of the Settings window in the Heuristic analysis section, check the box Use updatable patterns of dangerous activity (BSS)
- select the required action for the On detecting dangerous activity option:
- Select action automatically (if automatic protection mode is enabled). In this case System Watcher will select automatically select actions specified by Kaspersky Lab specialists
- Prompt for action (if interactive protection mode is enabled). In this case System Watcher will prompt for action: allow or block.
- Select action:
- Move file to Quarantine
- Terminate the malicious application
- Ignore
- on the bottom right hand corner, click on the OK button
- close the main application window.
