Using Heuristic Analyzer with Web Anti-Virus
January 10, 2024
To improve the effectiveness of protection, you can use heuristic analysis in the operation of Web Anti-Virus. During heuristic analysis, Kaspersky Security analyzes the activity of programs in the operating system of the protected virtual machine. Heuristic analysis can detect new malicious objects for which there are currently no records in the application database.
To use Kaspersky Security Center to configure use of Heuristic Analyzer in the operation of Web Anti-Virus:
- Open Kaspersky Security Center Administration Console.
- In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
- In the workspace, select the Policies tab.
- Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
- In the policy properties window, select the Web Anti-Virus section in the list on the left.
- In the right part of the window, in the Security level section, click the Settings button.
- In the Web Anti-Virus window that opens, on the General tab:
- If you want Web Anti-Virus to use heuristic analysis to scan web traffic for viruses and other malware, in the Scan methods section, select the Heuristic analysis for detecting viruses check box and use the slider to set the heuristic analysis level: Light, Medium, or Deep.
- If you want Web Anti-Virus to use heuristic analysis when checking web addresses, in the Anti-Phishing settings section select the Heuristic analysis for detecting phishing web addresses check box.
- Click OK in the Web Anti-Virus window.
- Click the Apply button.
To use the local interface to configure the use of Heuristic Analyzer in the operation of Web Anti-Virus:
- On the protected virtual machine, open the application settings window.
- In the left part of the window, in the Anti-Virus protection section, select Web Anti-Virus.
In the right part of the window, the Web Anti-Virus component’s settings are displayed.
If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.
- Complete steps 6–8 of the previous instructions.
- To save changes, click the Save button.