Igor Kurzin

Vielen Dank, wir werden das prüfen.

¿Has creado exclusiónes para?: С:\Program Files (x86)\NetSupport\NetSupport Manager\client32.exe C:\Program Files (x86)\NetSupport\NetSupport Manager\PCICTLUI.EXE Tienes y es necesario cambiar esto por 'No analizar todo el tráfico'.

Hi, The product for Android takes care of the threats that can be harmful for Android OS. Detecting all the known threats would be an unnecessary overkill, as it would overload the product, reduce the performance, etc. The product for Windows detects all the threats, including those for Android OS.

Hola, Además de lo que Harlan ha publicado... ¿Ayuda salir de Kaspersky o solo ayuda la desinstalación?

Hi darkflux, Looks like the issue is due to "locking your PC down". Can you please give more details on how the Windows 7 is locked down, how changes are wiped and reset?

Hi, in addition to what Flood has posted, it may be a good first step to reset Chrome browser via the instruction: https://support.google.com/chrome/answer/3296214?hl=en

This file contains temporary data of Kaspersky, the size of 1,6Gb on the disk is normal. You can disable Self-Defense in the Kaspersky product, then exit Kaspersky product and delete the file.

You can remove Kaspersky products via command line only if you first enable password protection in the product, then you can run uninstallation and include the name/password. Which upgrade are you planning to make? (trying to figure out if clearing KSC first is needed).

Hi Flood, The responsible teams are working on this. There is a process they have to follow and due to several reasons it is taking time. There was a communication on the issue (5436901) this week, I am keeping an eye on it, and as soon as it is fixed, I will give you an update. Sounds good? :)

Hi @kyuno1 , Please submit this sample at https://opentip.kaspersky.com, if it is not detected yet, please click ‘Submit to reanalyze’ button.

Hi Flood, Since you are browsing my.kaspersky.com site the corresponding help article is available in my.k help: https://support.kaspersky.com/KPC/1.0/en-US/96890.htm

Hi @Dylan , Check this article out: https://support.kaspersky.com/us/14674#block4

Hi @DARKxx56 , You can submit a ticket via https://support.kaspersky.com/b2c/ for assistance with this issue.

Hi @System_Info , Did you try to reinstall the product without keeping the settings? We would need to check some logs from your PC, do you mind submitting a ticket to technical support via https://support.kaspersky.com/b2c/ and letting me know the incident number?

Hola @Bambiton, ¿Tienes alguna de estas dos aplicaciones instaladas en tu PC? Web Companion HP Velocity

Hi @intelvir , Can you please submit a ticket to technical support via https://support.kaspersky.com/b2c/ and let me know its number? We will collect some additional information to further analyze and fix this issue.

Thank you for the screenshots. To fix this, please add subdomains to Trusted addresses as well, e.g. pfsense.thedurlands.site.

Hi @Necro PC , The default setting (Smart Scan) is the optimal one for majority of the situations and users. You can read the description below and choose another option if needed: Smart mode. In this mode, File Anti-Virus scans an object based on an analysis of actions taken on the object. For example, when working with a Microsoft Office document, Kaspersky Total Security scans the file the first time it is opened and the last time it is closed. Intermediate operations that overwrite the file do not cause it to be scanned. On access and modification. In this mode, File Anti-Virus scans objects whenever there is an attempt to open or modify them. On access. In this mode, File Anti-Virus scans objects only upon an attempt to open them. On execution. In this mode, File Anti-Virus only scans objects upon an attempt to run them. Kaspersky Internet security detect EICAR-TEST-FILE sometimes What is the scenario (step by step) when eicar test file is not detected? I am asking, so we can check in our environment.

Hi @BudTheGrey , To make sure we are on the same page, can you post a screenshot of the Trusted addresses, the error message when connecting to one of the local devices (so that URL in the browser address bar is visible as well)?

Hi @MangoBui , Trojan.Multi.Accesstr detection is triggered when Kaspersky products detect that one of Windows utilities in %systemroot%\system32 folder is replaced by cmd.exe or powershell.exe. The trojan.multi.accesstr.ash can be detected in situations when cmd.exe was renamed to C:\Windows\System32\sethc.exe Please check the following: 1. Press Win+R to open the Run menu. Paste C:\Windows\System32\sethc.exe and press OK. If Command Prompt windows opens, it means there is no actual trojan, there is a cmd.exe file that had been renamed to a sethc.exe. Windows contains accessibility features that may be launched with a key combination before a user has logged in (for example, when the user is on the Windows logon screen). Someone can modify the way these programs are launched to get a command prompt or backdoor without logging in to the system. So the renamed cmd.exe file itself does not contain malicious code, but it is a serious security flaw, that needs to be taken care of. And detecting it as "trojan" is a way to mitigate this security flaw. You can simply rename sethc.exe back to cmd.exe or delete it.

Hi all, Usually malware analysts are lightning fast to fix false positives, this time it is taking a little longer than expected, I have checked with them, they are giving an ETA for 24-48 for the fix to arrive. Sorry for the inconveniences caused.

Hi @Studynx , If changing password/resetting 2fa requires a code that you get on your mobile device and have to enter it manually, assuming the malicious person does not have access to your mobile device, the account hacking seems not probable.

Hi @Snowwolfboi , It depends on your needs. Check this out: https://support.kaspersky.com/common/buy/15494

Hi @Wakior , What exactly happens, is there an error message? Can you post a screenshot? Does it help to pause protection?

Hey Flood, Thanks for your post, we can update both topics after this is sorted out by the malware analysts.