Does Intrusion Prevention Reports show all files?

[Guest]

In the reports tab for intrusion prevention - not the gui where you see all the trust groups, does it show the logs of all applications or does it hide system applications and Kaspersky apps like the gui where you see the trust groups?

[Flood and Flood's wife]

1 hour ago, Xeno2ig said:

In the reports tab for intrusion prevention - not the gui where you see all the trust groups, does it show the logs of all applications or does it hide system applications and Kaspersky apps like the gui where you see the trust groups?

Hello @Xeno2ig, 

Welcome back!

As far as we know it's *all*, when the app is added to the trust group, however -> can you narrow it down a bit for us please so we don't have to go on a wild goose chase:

Thank you🙏
Flood🐳+🐋

Edited March 11 by Flood and Flood's wife
changed image

[Guest]

2 hours ago, Flood and Flood's wife said:

Hello @Xeno2ig, 

Welcome back!

As far as we know it's *all*, when the app is added to the trust group, however -> can you narrow it down a bit for us please so we don't have to go on a wild goose chase:

Thank you🙏
Flood🐳+🐋

Ok thank you. Another question: is it possible to run archives? If so would intrusion prevention monitor said files?

[Flood and Flood's wife]

5 minutes ago, Xeno2ig said:

Ok thank you.

1. Another question: is it possible to run archives? If so would intrusion prevention monitor said files?

Hello @Xeno2ig, 

You're welcome!

Thank you for  posting back & the extra question. 

When an application is started on the computer for the first time, Intrusion Prevention checks the safety of the application and assigns it to a group (Trusted, Untrusted, High Restricted, or Low Restricted), this is what is reflected in the reports; IF the trust group is changed the Intrusion Prevention will reflect the change. 

1. What do you mean: "is it possible to run archives?" What sort of *archives*? Are the  *archives* applications? 

Thank you🙏
Flood🐳+🐋

[Guest]

5 hours ago, Flood and Flood's wife said:

Hello @Xeno2ig, 

You're welcome!

Thank you for  posting back & the extra question. 

When an application is started on the computer for the first time, Intrusion Prevention checks the safety of the application and assigns it to a group (Trusted, Untrusted, High Restricted, or Low Restricted), this is what is reflected in the reports; IF the trust group is changed the Intrusion Prevention will reflect the change. 

1. What do you mean: "is it possible to run archives?" What sort of *archives*? Are the  *archives* applications? 

Thank you🙏
Flood🐳+🐋

A .rar file, for example

[Flood and Flood's wife]

8 minutes ago, Xeno2ig said:

A .rar file, for example

Hello @Xeno2ig, 

Thank you for posting back & the information! 

A .rar file is not a application, so no. 

IF whatever is in the .rar file is an application, then yes, but it has to be unpacked first. 

Thank you🙏
Flood🐳+🐋

[Guest]

13 minutes ago, Flood and Flood's wife said:

Hello @Xeno2ig, 

Thank you for posting back & the information! 

A .rar file is not a application, so no. 

IF whatever is in the .rar file is an application, then yes, but it has to be unpacked first. 

Thank you🙏
Flood🐳+🐋

Ok - and finally a slightly unrelated question but does the like rollback malicious activity scanner thing have the ability to reset windows showing file extensions?

[Flood and Flood's wife]

1 minute ago, Xeno2ig said:

Ok - and finally a slightly unrelated question but does the like rollback malicious activity scanner thing have the ability to reset windows showing file extensions?

Hello @Xeno2ig, 

Are you referring to System Watcher? 

[Guest]

2 minutes ago, Flood and Flood's wife said:

Hello @Xeno2ig, 

Are you referring to System Watcher? 

No - the malicious activity rollback wizard. It’s not a component but I’m not sure where it is. I’m pretty sure it runs after advanced disinfection.

[Flood and Flood's wife]

6 minutes ago, Xeno2ig said:

No - the malicious activity rollback wizard. It’s not a component but I’m not sure where it is. I’m pretty sure it runs after advanced disinfection.

Hello @Xeno2ig,  

Thank you for posting back & the information!

You'll have to provide screenprints or acurate information. 

Thank you🙏
Flood🐳+🐋

[Guest]

4 minutes ago, Flood and Flood's wife said:

Hello @Xeno2ig,  

Thank you for posting back & the information!

You'll have to provide screenprints or acurate information. 

Thank you🙏
Flood🐳+🐋

Ok - disregard the question then.

I wonder what could have made the file extensions not be shown anymore then. I noticed a weird file in my intrusion prevention but I didn’t run anything and Kaspersky says it’s either liked by KSN or trusted signature.

[Flood and Flood's wife]

7 minutes ago, Xeno2ig said:

Ok - disregard the question then.

I wonder what could have made the file extensions not be shown anymore then. I noticed a weird file in my intrusion prevention but I didn’t run anything and Kaspersky says it’s either liked by KSN or trusted signature.

Gives us 5 minutes @Xeno2ig, we'll consult our Tarot cards. 

When in doubt *always* contact Kaspersky Customer Service - https://support.kaspersky.com/b2c#contacts. 

Thank you🙏
Flood🐳+🐋

Edited March 11 by Flood and Flood's wife
spelling

[Guest]

3 minutes ago, Flood and Flood's wife said:

Gives us 5 minutes @Xeno2ig, we'll consult our Tarot cards. 

When in doubt *always* contact Kaspersky Customer Service - https://support.kaspersky.com/b2c#contacts. 

Thank you🙏
Flood🐳+🐋

Don’t have access to my PC for a while so I cannot do anything as I sent it to get a new graphics card.

[Guest]

Wait if malware opens or queries the bios registry keys, does that mean it’s bios malware and infects the bios?

[Guest]

Is intrusion prevention always on?

I ask this because in the logs it shows process stopped and then started (pretty sure it does this every reboot). How long is the component disabled for and does that affect protection at all?

[Flood and Flood's wife]

5 hours ago, Xeno2ig said:

• Is intrusion prevention always on?

I ask this because in the logs it shows process stopped and then started (pretty sure it does this every reboot).

How long is the component disabled for and does that affect protection at all?

Hello @Xeno2ig,  

Thank you for posting back!

• Not if the computer is off. 

1. Which logs?
2. Which process? 
3. Which component? 
4. Provide *proper* names & full-screen-screenprints please? 

Thank you🙏
Flood🐳+🐋

Edited March 12 by Flood and Flood's wife
grammar

[Guest]

8 hours ago, Flood and Flood's wife said:

Hello @Xeno2ig,  

Thank you for posting back!

• Not if the computer is off. 

1. Which logs?
2. Which process? 
3. Which component? 
4. Provide *proper* names & full-screen-screenprints please? 

Thank you🙏
Flood🐳+🐋

Within Kaspersky Intrusion Prevention logs/reports accessible on the main UI - where the other components reports are.

Each reboot it says process stopped then process started for all components.