Jump to content

Sam Hobbs

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

4 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Thank you. If you say that article does what I want to do then I believe you but the article itself does not make that clear.
  2. I submitted a ticket. I provided them with the data they requested. They replied by saying I am not infected. They seem to ignore the possibility that they have not yet seen the malware I have. Their solution is to set Kaspersky to allow my program to do everything it is asking for. I know it is not my program doing the asking, it is malware. I replied to them saying I know my system is infected. Instead of replying to that, they closed the ticket. I consider it to be highly irresponsible for them to tell me to allow the malware to have all the privileges it asks for. I am disappointed and highly frustrated. As for using other vendors, I thought I would begin by using the protection provided by Microsoft, provided by Windows built-in. Relevant to that I asked the question Pause versus exit. Also, I am getting a new computer soon.
  3. What is the difference between pausing protection and exiting Kaspersky? I am using Windows 10. I tried searching and I think I found an article about pausing protection but now I cannot find it. When I search the knowledgebase for pause I get no results. I think I found the article when I used Google; the search engine in this site is probably not good enough. I found How to off total security ? - Kaspersky Total Security - Kaspersky Support Forum that says we need to first pause then exit. All the Kaspersky articles imply that we will be totally unprotected if we turn it off. I know (I think I know) that Windows will revert to its built-in protection. That is what I want to do; I want to temporarily use the protection provided by Microsoft.
  4. I get a few of these each time I build a program using Visual Studio. I do not get them from the build; I get them the first time the program is run. Note that I am selecting the option to remember my selection but then it forgets the selection when the exe is built again. I always block the requests. The important thing is that this should not be happening.
  5. If it will take them more than a couple of days then they will likely lose the opportunity to diagnose the problem. It is foolish for me to allow the malware to remain in my system. I sure do not want to do that. The problem is not Kaspersky. Kaspersky is blocking the malware and asking me if it should be allowed. The malware is attempting to do a variety of things that the good software would not do.
  6. I submitted a ticket and they have escalated the issue. So they are working on it. I definitely have malware, my system is doing many suspicious things. I am tempted to uninstall and reinstall everything but I will give them a couple of days to try to find the malware.
  7. There are at least three situations here. One is that Linux itself might be infected. Another is that a Linux container might include an infection. I think a third is that something can execute within the VM in Docker independent of containers. I don't know enough to be sure of any of that. So that article is useless for me. It is too technical to answer my question. If I understand it then it is covering the first two possibilities I describe above but not the third and it is the third that I am concerned about. In other words, I am concerned that systems with Docker installed are vulnerable without the Docker VM (or any portion of Docker) being modified and independent of the containers, including no containers. Is it possible for something to execute in the Docker VM that does not require Linux itself to be modified and that is not part of any container and that Kaspersky is not monitoring?
  8. Thank you but things are not working. For Step 2 when I unchecked Perform recommended actions automatically it did not ask me what to do. I do not know if you are familiar with Visual Studio and programming; I will assume not. When I tried to build (compile) the program Kaspersky asked me whether to delete or block. I selected block. But the build failed; it was unable to compile the program. For anyone that understands this stuff, VS complained about a NuGet package. However I think I have accomplished the objective of determining that the program (the one being built/compiled) is infected at the time of the build/compile. When I execute Kaspersky it says that a part of the build (apphost.exe) is infected with Sdum. It is Sunday night for me. Unless I hear otherwise, I will open a ticket with Kaspersky later, probably Monday afternoon for me.
  9. I am using Kaspersky Total Security in Windows 10 build 19045.2075. I wrote two programs recently and built them using Microsoft Visual Studio 2022. Yesterday Kaspersky found malware in them (the exe files); both the Debug and Release builds and in AppHost files for them. Kaspersky deleted the relevant files. Kaspersky did not find malware anywhere else. Today I want to build them again and scan them to determine if the malware is there after the build. Kaspersky immediately deletes the files. I could copy the projects to somewhere else just for the purpose of determining if the malware is put in the exe file during the build. Does anyone have any other suggestions? I will try to find the option to remove the files from Kaspersky's list of files to zap, whatever that is called. If the malware is in the files immediately after the build then I know my development software is compromised. Or the problem is Docker, as I describe in a different thread.
  10. Does Kaspersky look inside the Docker VM? See Hiding malware in Docker Desktop's virtual machine - Atlassian Community. That article says enough to know there is reason to be concerned but not enough for me to know much more. The important thing is that if Kaspersky does not look inside the Docker VM then it is entirely useless protection from that vulnerability.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.