Why do I need the heuristic analysis technology in System Watcher of Kaspersky PURE 2.0?

Back to "Computer Protection" section

The System Watcher component from Kaspersky PURE 2.0 collects data concerning actions performed by applications on your computer and then collected data are used by other components to provide strong protection of your computer.

In Kaspersky PURE 2.0 you can configure the System Watcher actions on suspicious application actions detection.

System Watcher uses heuristic analysis to detect actions which partially match to patterns of dangerous activity. If such actions are detected the application will ask a user to select an action to be performed with a suspicious program.

The technology use allows adding new patterns to the existing heuristic databases and, therefore, do not update the whole module. new signatues are added during anti-virus databases update. Heuristic analysis use allows blocking malicious actions of an application according to signatures of heuristic database.

Kaspersky PURE 2.0 also includes Application Control. The module allows viewing the list of installed and run applications (for example, info concerning application group idenitified by Kaspersky PURE 2.0)

In order to configure the System Watcher actions on suspicious detection, perform the following actions:

1. Open the main application window.
2. On the right upper corner, click Settings.
3. On the upper part of the Settings window, go to the Protection tab and select System Watcher.
4. On the right part of the window in the Heuristic analysis section, check the box Use updatable patterns of dangerous activity (BSS).
5. Depending on the selected protection mode, select the required action for the On detecting dangerous activity option:
   • Select action automatically (if automatic protection mode is enabled). In this case System Watcher will select automatically select actions specified by Kaspersky Lab specialists
   • Prompt for action (if interactive protection mode is enabled). In this case System Watcher will prompt for action: allow or block.
   • Select action:
     • Move file to Quarantine
     • Terminate the malicious application
     • Ignore
6. On the bottom right hand corner, click on the OK button.
7. Close the main application window.

Useful references

What is the System Watcher component in Kaspersky PURE 2.0?
Why do I need the Rollback of malware actions function in Kaspersky PURE 2.0?
What is heuristic analysis in Kaspersky PURE 2.0?
Chto takoe modul Aktivnost programm v sostave Kaspersky CRYSTAL 2.0
How to change general protection settings in Kaspersky PURE 2.0
What is Quarantine in Kaspersky PURE 2.0?

Applies To:

• Kaspersky PURE 2.0