Jump to content
Kaspersky Support Forum

Can Kaspersky detect redline stealers with this turned on in HIPS?

Guest

By Guest
in Kaspersky: Basic, Standard, Plus, Premium

 Share

Recommended Posts

Guest

Guest

Posted
Posted

Basically anything under the "Personal Data Section" is turned to deny

Flood and Flood's wife

Flood and Flood's wife

Posted
Posted (edited)

Hello @Xeno2ig

Welcome back!

As per Kaspersky: Personal data:

Contains the user's personal data, sorted by resources and categories. A resource can be a file or a folder. Intrusion Prevention analyzes the actions that other applications perform on the listed resources.

By default, the personal data list includes the following objects:

User files (My Documents folder, cookie files, information about the user's activities)
Files, folders, and registry keys that contain the settings and important data for the most frequently used applications: browsers, file managers, email clients, IM clients, and electronic wallets.

Thank you?
Flood?+?

Edited by Flood and Flood's wife
pn
Guest

Guest

Posted
Posted

Thank you. However, that doesnt answer my question.

If having it set to Deny, and a application tries to access them maliciously, for example: A Redline stealer, Will Kaspersky terminate the Redline, or will Intrusion Prevention stop it from doing the malicious activity, but not stop the threat. Just cause HIPS Stops something malicious, does that mean System Watcher wont detect it or other Behavioral Detection?

Xzz123

Xzz123

Posted
Posted

mostlikely file antivirus will detect the malware first

system watcher the second

HIPS only apply rules you created. HIPS itself can not detect anything but request other module's result.

Guest

Guest

Posted
Posted

Well what if lets say a stealer tries to access browser passwords, and HIPS denies the access because I have it set to deny,. Would System Watcher pick up on that action, or no? I might just leave it on default if there is any interference

Xzz123

Xzz123

Posted
Posted
6 hours ago, Xeno2ig said:

Well what if lets say a stealer tries to access browser passwords, and HIPS denies the access because I have it set to deny,. Would System Watcher pick up on that action, or no? I might just leave it on default if there is any interference

my personal view: You will never find out the answer.

it is too complicated that i believe only a senior developper can tell you that.

but I dont think you need to worry about it, HIPS rules was born to be changed as you wish

Guest

Guest

Posted
Posted

yeah fair. Im tryna setup my HIPS to protect me from anything other components miss, to basically get 100% detection rate Any good ways to do that?

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...