ABEgorov

The Virus lab confirmed False Positive.

I have solved the problem. I need the two exclusions for the application...

Now even without interactive protection, "C:\Program Files (x86)\Tajpi" in the exclusions and "Tajpi.exe" in Trusted (Application Control) group I cannot launch the application...

I trust this application. It first appeared in KSN two years ago and yesterday KIS did not detect anything. I don't know why this happened today but the manual scan still shows "no threats detected"...

I added to the exclusions: http_//www_zz9pza.net_tajpi_tajpi298inst.exe I:\Downloads\tajpi298inst.exe C:\Program Files (x86)\Tajpi Are there any easier ways to do this? ------ Moderation Edit : Download link disabled

KIS 19.0.0.1088 (e). Windows 10 x64, 1809 (10.0.17763.503) I tried to restore it from the quarantine and add it to the exclusions. Now quarantine contains only help files... 23.05.2019 19.59.07 Download blocked http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Object name: Trojan-Spy.Win32.Xegumumune.aht Object: http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Application: Google Chrome Object type: Trojan program Time: 5/23/2019 7:59 PM 23.05.2019 19.59.07 Object (file) detected http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Object name: Trojan-Spy.Win32.Xegumumune.aht Object: http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Application: Google Chrome Object type: Trojan program Time: 5/23/2019 7:59 PM 23.05.2019 19.44.35 PC Cleaner has finished a scheduled analysis of objects Time: 5/23/2019 7:44 PM 23.05.2019 19.41.55 Search for application updates Search completed, no available updates Important updates available: 0 Recommended updates available: 0 Started: Automatically Status: Completed Time: 5/23/2019 7:41 PM 23.05.2019 19.35.42 Download blocked http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Object name: Trojan-Spy.Win32.Xegumumune.aht Object: http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Application: Google Chrome Object type: Trojan program Time: 5/23/2019 7:35 PM 23.05.2019 19.35.42 Object (file) detected http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Object name: Trojan-Spy.Win32.Xegumumune.aht Object: http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Application: Google Chrome Object type: Trojan program Time: 5/23/2019 7:35 PM 23.05.2019 19.30.32 You have signed in to My Kaspersky portal Browser: Google Chrome Device: Desktop Operating system: Windows Login time: 5/23/2019 7:30 PM Time: 5/23/2019 7:30 PM 23.05.2019 19.30.31 Update of databases and application modules Completed. Average download speed:: 1.35 MB/s Status:: Completed. Downloaded and updated:: 1.07 MB Total duration: 4 minutes 36 seconds Time: 5/23/2019 7:30 PM 23.05.2019 19.24.29 Download blocked http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Object name: Trojan-Spy.Win32.Xegumumune.aht Object: http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Application: Google Chrome Object type: Trojan program Time: 5/23/2019 7:24 PM 23.05.2019 19.24.29 Object (file) detected http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Object name: Trojan-Spy.Win32.Xegumumune.aht Object: http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Application: Google Chrome Object type: Trojan program Time: 5/23/2019 7:24 PM 23.05.2019 19.23.56 Download blocked http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Object name: Trojan-Spy.Win32.Xegumumune.aht Object: http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Application: Google Chrome Object type: Trojan program Time: 5/23/2019 7:23 PM 23.05.2019 19.23.56 Object (file) detected http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Object name: Trojan-Spy.Win32.Xegumumune.aht Object: http://www.zz9pza.net/tajpi/tajpi298inst.exe//data0000 Application: Google Chrome Object type: Trojan program Time: 5/23/2019 7:23 PM 23.05.2019 19.21.55 Rolled back actions of malware PDM:Trojan.Win32.Generic Application name: I:\Downloads\tajpi298inst.exe Application path: i:\downloads\tajpi298inst.exe Time: 5/23/2019 7:21 PM 23.05.2019 19.21.55 File deleted when rolling back actions of malware c:\programdata\microsoft\windows\start menu\programs\tajpi\tajpi.lnk Application name: I:\Downloads\tajpi298inst.exe Application path: i:\downloads\tajpi298inst.exe Time: 5/23/2019 7:21 PM 23.05.2019 19.21.55 File deleted when rolling back actions of malware c:\programdata\microsoft\windows\start menu\programs\tajpi\malinstali tajpi.lnk Application name: I:\Downloads\tajpi298inst.exe Application path: i:\downloads\tajpi298inst.exe Time: 5/23/2019 7:21 PM 23.05.2019 19.21.55 File deleted when rolling back actions of malware c:\programdata\microsoft\windows\start menu\programs\tajpi\helpo.lnk Application name: I:\Downloads\tajpi298inst.exe Application path: i:\downloads\tajpi298inst.exe Time: 5/23/2019 7:21 PM 23.05.2019 19.21.55 File deleted when rolling back actions of malware c:\programdata\microsoft\windows\start menu\programs\tajpi\helpo (angla).lnk Application name: I:\Downloads\tajpi298inst.exe Application path: i:\downloads\tajpi298inst.exe Time: 5/23/2019 7:21 PM 23.05.2019 19.21.55 File deleted when rolling back actions of malware c:\program files (x86)\tajpi\is-cimud.tmp Application name: I:\Downloads\tajpi298inst.exe Application path: i:\downloads\tajpi298inst.exe Time: 5/23/2019 7:21 PM 23.05.2019 19.21.55 File renamed when rolling back actions of malware c:\program files (x86)\tajpi\is-cimud.tmp Application name: I:\Downloads\tajpi298inst.exe Application path: i:\downloads\tajpi298inst.exe Time: 5/23/2019 7:21 PM 23.05.2019 19.21.40 Detected object (file) deleted C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:21 PM Object name: UDS:Trojan-Spy.Win32.Xegumumune 23.05.2019 19.21.40 Detected object (file) moved to Quarantine C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:21 PM Object name: UDS:Trojan-Spy.Win32.Xegumumune 23.05.2019 19.21.14 Removed malware PDM:Trojan.Win32.Generic Application name: I:\Downloads\tajpi298inst.exe Application path: i:\downloads\tajpi298inst.exe Time: 5/23/2019 7:21 PM 23.05.2019 19.20.50 Detected malware PDM:Trojan.Win32.Generic Application name: Tajpi Setup Application path: i:\downloads\tajpi298inst.exe Time: 5/23/2019 7:20 PM 23.05.2019 19.20.50 Object (file) detected C:\Program Files (x86)\Tajpi\Tajpi.exe Application: C:\Users\abegorov\AppData\Local\Temp\is-O9L34.tmp\tajpi298inst.tmp File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:20 PM Object name: Trojan-Spy.Win32.Xegumumune.aht Reason: Information 23.05.2019 19.20.49 Object (file) detected C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:20 PM Object name: UDS:Trojan-Spy.Win32.Xegumumune 23.05.2019 19.20.48 Object (file) detected C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:20 PM Object name: Trojan-Spy.Win32.Xegumumune.aht Reason: Information 23.05.2019 19.20.48 Object (file) detected C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:20 PM Object name: Trojan-Spy.Win32.Xegumumune.aht Reason: Information 23.05.2019 19.20.43 Application added to the Trusted group Setup/Uninstall Application: Setup/Uninstall Reason: KSN information Application path: C:\Users\abegorov\AppData\Local\Temp\is-O9L34.tmp\tajpi298inst.tmp Time: 5/23/2019 7:20 PM 23.05.2019 19.20.41 Application added to the Trusted group Setup/Uninstall Application: Setup/Uninstall Reason: KSN information Application path: C:\Users\abegorov\AppData\Local\Temp\is-URD9Q.tmp\tajpi298inst.tmp Time: 5/23/2019 7:20 PM 23.05.2019 19.19.38 Detected object (file) deleted C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:19 PM Object name: Trojan-Spy.Win32.Xegumumune.aht 23.05.2019 19.19.37 Detected object (file) moved to Quarantine C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:19 PM Object name: Trojan-Spy.Win32.Xegumumune.aht 23.05.2019 19.18.11 Selective Scan No threats detected Detected: 0 Deleted: 0 Not disinfected: 0 Release date of databases used for scan: 5/23/2019 12:49 PM Total duration: 0 seconds Completion time: 5/23/2019 7:18 PM 23.05.2019 19.17.43 Object (file) detected C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:17 PM Object name: Trojan-Spy.Win32.Xegumumune.aht 23.05.2019 19.16.58 Detected object (file) deleted C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:16 PM Object name: Trojan-Spy.Win32.Xegumumune.aht 23.05.2019 19.16.58 Detected object (file) moved to Quarantine C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:16 PM Object name: Trojan-Spy.Win32.Xegumumune.aht 23.05.2019 19.15.18 Selective Scan No threats detected Detected: 0 Deleted: 0 Not disinfected: 0 Release date of databases used for scan: 5/23/2019 12:49 PM Total duration: 0 seconds Completion time: 5/23/2019 7:15 PM 23.05.2019 19.14.30 Object (file) detected C:\Program Files (x86)\Tajpi\Tajpi.exe Application: Windows Explorer File: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:14 PM Object name: Trojan-Spy.Win32.Xegumumune.aht 23.05.2019 19.11.45 Application is allowed to receive audio stream SkypeApp Application: SkypeApp Application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe Time: 5/23/2019 7:11 PM 23.05.2019 19.11.45 Application is allowed to receive audio stream SkypeApp Application: SkypeApp Application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe Time: 5/23/2019 7:11 PM 23.05.2019 19.11.37 Removed malware PDM:Trojan.Win32.Bazon.a Application name: C:\Program Files (x86)\Tajpi\Tajpi.exe Application path: c:\program files (x86)\tajpi\tajpi.exe Time: 5/23/2019 7:11 PM 23.05.2019 19.11.21 Removed malware PDM:Trojan.Win32.Bazon.a Application name: Klavarilo por esperantistoj Application path: HKU\S-1-5-21-2371300580-1008966690-3884442651-1001\Software\Microsoft\Windows\CurrentVersion\Run\Tajpi Time: 5/23/2019 7:11 PM 23.05.2019 19.11.19 Terminated malware PDM:Trojan.Win32.Bazon.a Application name: Klavarilo por esperantistoj Application path: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:11 PM 23.05.2019 19.11.19 Detected malware PDM:Trojan.Win32.Bazon.a Application name: Klavarilo por esperantistoj Application path: c:\program files (x86)\tajpi\tajpi.exe Time: 5/23/2019 7:11 PM 23.05.2019 19.11.18 Application added to the Low Restricted group Klavarilo por esperantistoj Application: Klavarilo por esperantistoj Reason: default Application path: C:\Program Files (x86)\Tajpi\Tajpi.exe Time: 5/23/2019 7:11 PM 23.05.2019 19.11.00 Task started Web Anti-Virus Time: 5/23/2019 7:11 PM 23.05.2019 19.11.00 Task started Mail Anti-Virus Time: 5/23/2019 7:11 PM 23.05.2019 19.11.00 Task started IM Anti-Virus Time: 5/23/2019 7:11 PM 23.05.2019 19.11.00 Task started System Watcher Time: 5/23/2019 7:11 PM 23.05.2019 19.11.00 Task started Network Attack Blocker Time: 5/23/2019 7:11 PM 23.05.2019 19.11.00 Task started Anti-Banner Time: 5/23/2019 7:11 PM 23.05.2019 19.10.55 Task started File Anti-Virus Time: 5/23/2019 7:10 PM 23.05.2019 19.10.55 Task started Firewall Time: 5/23/2019 7:10 PM 23.05.2019 19.10.55 Task started Application Control Time: 5/23/2019 7:10 PM

Today, KIS has identified an old application as malicious. It was created in 2016 and was working for a long time without any problems on my computer. Today, KIS has removed the application itself, the application installer, and prohibited the application from being downloaded. How to ignore all of this and install the application back? I have created a support request INC000010472262.