This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
These logs are needed only in specific cases, to save time and effort do not collect these logs unless explicitly requested.
Behaviour Stream Signatures or BSS is a major part of System Watcher. Sometimes its logs are required to diagnose the issue.
Step-by-step guide
BSS log collecting is started via bases, so when you activate logging via the avp.com command, it will re
This is a workaround and should be used if you can't check it the standard way.
1. Collect GSI
2. Open this file (see screenshot) and press ctrl+f and search for the word, for example, Firewall. Immediately you'll get a line with the installed components.
In Compact Diagnostic Interface
Can be checked in "About the application" window.
In Kaspersky Security Console
Can be checked in Action -> Information about the application and available module updates...
To check Block action:
Specify Block actions for all rules in the group Activity of script engines and frameworks.
Extract files from the archive and start the scripts. All scripts should be blocked, popup about it should be shown.
There will be new records about blockings in the local report, events and AAC report in KSC console.
To check Smart action:
Host where KES is installed is under the policy applied. Specify Smart mode for all rules in the group Activi
Problem
Some devices do not have keyboards, but still are detected with BadUSB.
Step-by-step guide
In order to allow them work properly use BadUSB on-screen keyboard, using other onscreen keyboards or physical ones is not recommended.
To open BadUSB on-screen keyboard click on the highlighted text (example for Russian localization).
Note that Prohibit use of On-Screen Keyboard for authorization of USB devices option should be turned off.
Sometimes you may need to add a particular site\domain to an exclusions list of Traffic Security.
Unfortunately, at current moment KSWS console allows us to make exclusions ONLY for Ports, IP-addresses, and Processes:
But we have ability to make site and domain exclusions for Traffic Security via registry workaround.
To implement workaround, we need to create and fill following REG_MULTI_SZ key:
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\WSEE\11.0\Env
