Kaspersky
Question

Can not display list of processed objects, according to detailed reports window.

  • 3 October 2019
  • 3 replies
  • 786 views

Hello,

I use KTS 20.0.14.1085(d) (database 2 Oct. 2019) on MS Windows 8.1 x64 Pro EN.
Today when OS booted, as usual, KTS started and completed quick scan, vulnerability scan and rootkit scan. Pop-up message window of KTS stated that there were detected objects by Quick Scan of which all of them are neutralized. Also Vulnerability Scan pop-up stated there were detected objects.

However when I perform the following monitoring actions, I can not see any entries, no so called detected and processed/neutralized objects are listed:

1- Detailed Reports window, Quick Scan entry shows "Objects detected: 7, neutralized: 7, not disinfected: 0".
1a- Neither viewing via event details (All Events) of latest Quick Scan entry nor exporting this entry's entities, did not show/display any list of detected or processed files, filenames or lists. Neither of these approaches succeded in displaying list of detected/processed files.
MainScreen*MoreTools*Reports*DetailedReports
MainScreen*MoreTools*Reports*Neutralized(entry): Strangely this shows 3 objects as Neutralized.
MainScreen*Details*RecommendationsSection: No evidence of detection is displayed in Recommendations area or other areas of Notification Center window.
2- Detailed Reports window, Vulnerablity Scan entry shows "Objects detected: 16, neutralized: 8, not disinfected: 0".
2a- Here the 8 unprocessed objects are non up-to-date installations of software/programs which Vulnerability Scan always warns me, but I prevent it to process or update them. No problem here.
2b- The reason of my post happened minutes ago today, last night I updated Windows and it updated Adobe Flash componet. Here you go... MainScreen*MoreTools*Reports*DetailedReports of Vulnerability Scan lists the processed files:
Vulnerable object (file) detected
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll
Vulnerable object (file) detected
C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_32_0_0_192.dll
Vulnerable object (file) detected
C:\Windows\System32\Macromed\Flash\pepflashplayer64_32_0_0_192.dll
Vulnerable object (file) detected
C:\Windows\System32\Macromed\Flash\NPSWF64_32_0_0_192.dll
Vulnerable object (file) detected
C:\Program Files\Mozilla Firefox\firefox.exe
Vulnerable object (file) detected
C:\Program Files\iTunes\iTunes.exe
Vulnerable object (file) detected
C:\Program Files\BIN\vlc-3.0.3\vlc.exe
Vulnerable object (file) detected
C:\Program Files\BIN\vlc-3.0.3\vlc-cache-gen.exe

My questions:
1- What is going on?
2- How can I correctly display the list of objects and files which are;
a- detected
b- processed
3- How can I display the list of objects and files in reports files or via exporting reports which are;
a- detected
b- processed

???

Edit 20191013:1321
Quarantine info: There are no files, objects in quarantine area though I allow 1 GB of space for it.

Addendum to questions:
4- Is only one engine/function is performing all kinds of processing of detected objects? Do, say, QuickScan and Vulnerability Scan have their own separate cleaning assigned/designated engines for processing of detected objects?

3 replies

Userlevel 7
Badge +4
Welcome. "Vulnerable" means out of date. Please update to current version of Firefox, Flash Player, iTunes, VLC Player, etc.

Then restart and scan again.

Any better after that?
Welcome. "Vulnerable" means out of date. Please update to current version of Firefox, Flash Player, iTunes, VLC Player, etc.

Then restart and scan again.

Any better after that?

Thank you @richbuff but I explained in detail the sitiuation of my existing vulnerable-listed items along with currently apperared vulnerable-labelled items. My problem thus questions are in a totally different aspect. In short, KTS can not show/display (a list of) the detected and/or processed items it has mentioned as "there are xxx items..." in reports. That's my problem. I very well know why my outdated apps are labelled as vulnerable by KTS.
QuickScan reports 7 items detected, 7 items processed, can not list any of them.
At the same time, VulnerabilityScan reports, 16 items detected (of which 8 of them are existing apps that I'm happy to live with, so pls ignore these 8 ), 8 items processed, 8 items ignored (pls refer to prvious paranthesis), but lists only 5 new items (existing 5 is very well known by me).
What's more, Neutralized entry in Reports shows only 3 items, in which from a total of 7 + 8 = 15 !!!!
Very inconsistent reporting!
All are detailly explained in my original post.
BTW IMHO, the problem aroused because current KTS/database is incompatible with latest Windows 8.1 Adobe Flash updates, IMHO.
Userlevel 7
Badge +4
You're welcome. Let's get Tech Support in on this issue.

Please contact Tech Support: https://my.kaspersky.com/support/

Please attach the following items to your Tech Support request:

a. Description of the issue.
b. Screenshot, as needed.
c. GSI

Reply