-
Posts
1363 -
Joined
-
Last visited
Everything posted by Igor Kurzin
-
Hi darkflux, Looks like the issue is due to "locking your PC down". Can you please give more details on how the Windows 7 is locked down, how changes are wiped and reset?
- 1 reply
-
- 2
-
-
g_objdt.dat taking up 1.16 GB of RAM
Igor Kurzin replied to affatube's topic in Kaspersky: Basic, Standard, Plus, Premium
This file contains temporary data of Kaspersky, the size of 1,6Gb on the disk is normal. You can disable Self-Defense in the Kaspersky product, then exit Kaspersky product and delete the file. -
Remove kaspersky security cloud via GPO?
Igor Kurzin replied to rlithgow1's topic in Kaspersky Security Cloud
You can remove Kaspersky products via command line only if you first enable password protection in the product, then you can run uninstallation and include the name/password. Which upgrade are you planning to make? (trying to figure out if clearing KSC first is needed).- 1 reply
-
- 1
-
-
Provides viruses that Kaspersky cannot currently kill
Igor Kurzin replied to kyuno1's topic in Kaspersky Anti-Virus
Hi @kyuno1 , Please submit this sample at https://opentip.kaspersky.com, if it is not detected yet, please click ‘Submit to reanalyze’ button. -
Hi @Dylan , Check this article out: https://support.kaspersky.com/us/14674#block4
-
Hi @DARKxx56 , You can submit a ticket via https://support.kaspersky.com/b2c/ for assistance with this issue.
-
Crash después de actualización
Igor Kurzin replied to Bambiton's topic in Para usuarios particulares
Hola @Bambiton, ¿Tienes alguna de estas dos aplicaciones instaladas en tu PC? Web Companion HP Velocity -
Trusted address settings ignored
Igor Kurzin replied to BudTheGrey's topic in Kaspersky Total Security
Thank you for the screenshots. To fix this, please add subdomains to Trusted addresses as well, e.g. pfsense.thedurlands.site. -
What is the best Scane mode in KIS ?
Igor Kurzin replied to Necro PC's topic in Kaspersky Internet Security
Hi @Necro PC , The default setting (Smart Scan) is the optimal one for majority of the situations and users. You can read the description below and choose another option if needed: Smart mode. In this mode, File Anti-Virus scans an object based on an analysis of actions taken on the object. For example, when working with a Microsoft Office document, Kaspersky Total Security scans the file the first time it is opened and the last time it is closed. Intermediate operations that overwrite the file do not cause it to be scanned. On access and modification. In this mode, File Anti-Virus scans objects whenever there is an attempt to open or modify them. On access. In this mode, File Anti-Virus scans objects only upon an attempt to open them. On execution. In this mode, File Anti-Virus only scans objects upon an attempt to run them. Kaspersky Internet security detect EICAR-TEST-FILE sometimes What is the scenario (step by step) when eicar test file is not detected? I am asking, so we can check in our environment. -
Trusted address settings ignored
Igor Kurzin replied to BudTheGrey's topic in Kaspersky Total Security
Hi @BudTheGrey , To make sure we are on the same page, can you post a screenshot of the Trusted addresses, the error message when connecting to one of the local devices (so that URL in the browser address bar is visible as well)? -
Disinfection not working.
Igor Kurzin replied to MangoBui's topic in Virus and Ransomware related questions
Hi @MangoBui , Trojan.Multi.Accesstr detection is triggered when Kaspersky products detect that one of Windows utilities in %systemroot%\system32 folder is replaced by cmd.exe or powershell.exe. The trojan.multi.accesstr.ash can be detected in situations when cmd.exe was renamed to C:\Windows\System32\sethc.exe Please check the following: 1. Press Win+R to open the Run menu. Paste C:\Windows\System32\sethc.exe and press OK. If Command Prompt windows opens, it means there is no actual trojan, there is a cmd.exe file that had been renamed to a sethc.exe. Windows contains accessibility features that may be launched with a key combination before a user has logged in (for example, when the user is on the Windows logon screen). Someone can modify the way these programs are launched to get a command prompt or backdoor without logging in to the system. So the renamed cmd.exe file itself does not contain malicious code, but it is a serious security flaw, that needs to be taken care of. And detecting it as "trojan" is a way to mitigate this security flaw. You can simply rename sethc.exe back to cmd.exe or delete it. -
Hi all, Usually malware analysts are lightning fast to fix false positives, this time it is taking a little longer than expected, I have checked with them, they are giving an ETA for 24-48 for the fix to arrive. Sorry for the inconveniences caused.
-
Hi @Studynx , If changing password/resetting 2fa requires a code that you get on your mobile device and have to enter it manually, assuming the malicious person does not have access to your mobile device, the account hacking seems not probable.
-
which kaspersky product is best
Igor Kurzin replied to Snowwolfboi's topic in Kaspersky Internet Security
Hi @Snowwolfboi , It depends on your needs. Check this out: https://support.kaspersky.com/common/buy/15494 -
Hi @Wakior , What exactly happens, is there an error message? Can you post a screenshot? Does it help to pause protection?
-
MTGO.EXE Trojan PDM:Exploit.Win32.Generic.nblk
Igor Kurzin replied to pbacevedo's topic in Kaspersky Internet Security
Hey Flood, Thanks for your post, we can update both topics after this is sorted out by the malware analysts.