Veerain

Hello Here are your files https://drive.google.com/drive/folders/1OxJ4qDUfJOqqTfKkIkZXTzTtwNS-ln2m?usp=sharing

Hello I was unavailable for some time so sorry for that. for your 1st question Trojan.Multi.GenAutorunReg.a appeared after I clicked on "delete" in the "Select method of processing legitimate software." (refer my very first post in my first message image bottom right popup) till that point I couldn't see Trojan.Multi.GenAutorunReg.a in the kts logs. it was after the advanced disinfection that it showed me that Trogan. (which it removed) Your message to shut down and update the database came after Kts had disinfected the trojan (after adv disinf) 2)I did.! Infact When I blocked all its processes I wasn't able to uninstall it.( as I blocked brave installer also) (then I unblocked the installer and then uninstalled it.) But to my surprise Some components were still left (like in program files 86 etc) I manually deleted all of them by (searching "brave" in my explorer under full pc scan) Then after sometime it again showed that it had deleted another trojan and made a quarantine copy of it. Then after loosing all my patience I left my pc in the hands of the lord (may god bless it and my patience) anyways now it seems to be fine

Sorry for the late response I was planning out how to put forward my concern properly Here is the link to the file and first watch the video which I added in that file. https://drive.google.com/drive/folders/1HXZfwpmjxnx_vGrYQx_PaW824SVz7yxu?usp=sharing Regards Veerain

now I want to know how to remove an application off the "trusted applications" as they were able to place it in trusted application group so.......... how to deal with this situation now .........

Thankyou for the reply first of all.. Secondly Here is the trailer of what happened while you were working on my issue : Iike any person would, I selected the delete option. For some time it didn't do anything and then it came back with : Event: Malicious object detected User: XENOMORPH\My name User type: Active user Component: Virus Scan Result: Detected Result description: Detected Type: Trojan Name: Trojan.Multi.GenAutorunReg.a Precision: Exactly Threat level: High Object type: File Object name: System Memory Reason: Expert analysis Databases release date: Yesterday, 20-08-2022 14:09:00 and then it asked me to do an advanced disinfection. So I proceeded with it. And after restarting my pc I went to the logs and found this: Event: Object disinfected User: XENOMORPH\my name User type: Active user Component: Virus Scan Result: Disinfected Result description: Disinfected Type: Trojan Name: Trojan.Multi.GenAutorunReg.a Precision: Exactly Threat level: High Object type: File Object name: System Memory And to my wonder, now the same tor file that it couldn't disinfect is now placed in the trusted applications group... the application control says: Today, 21-08-2022 08:05:27: Event: Application placed in the trusted group; Application: tor-0.4.7.8-win32-brave-1; Application name : tor-0.4.7.8-win32-brave-1; Application Path:C:\Users\my name\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb\1.0.27; Application PID: 0; User : NT AUTHORITY\SYSTEM; User type: System user; Application placed in group;;;;;;;Trusted;;;KSN

Also I think this happened because I used tor browser of brave(i.e. when you go to opts and select "New Private window with tor") to acess Zlibrary to get some book.As it is now blocked in my country.. so I thought this info might be helpful. Also can you suggest any better method to acess tor without compromising my security(like this happened now and I don't want these kind of things repeating the next time I use tor...) Is there any "safe way" (acc to kaspersky) to acess the tor network?

Thankyou so much for the quick reply first of all..... Here is the full name: And yes its from brave again. and in KTS Reports it shows this: Event: Detected legitimate software that can be used by intruders to damage your computer or personal data Component: Application Control Result description: Detected Type: Legitimate software that can be used by intruders to damage your computer or personal data Name: not-a-virus:NetTool.Win32.TorTool.goj Threat level: Low Object path: C:\Users\veera\AppData\Local\BraveSoftware\Brave- Browser\UserData\cpoalefficncklhjfpglfiplenlpccdb\1.0.27 Object name: tor-0.4.7.8-win32-brave-1 Reason: Databases Databases release date: Yesterday, 20-08-2022 14:09:00 MD5: 6BF1C0DBFE8F2E6BC086F2CA8C03FBFB Also do let me know if I should select delete to get rid of it or will that result in some kind of (yet another(btw I am now fed up with brave) brave software mess)

Hello I am using kts on my windows 10 home and kaspersky Kts version 21.3.10.391 (j) This morning (i.e. now when I am writing this) I got this error message :- I have not done anything or clicked anywhere as of yet so this popup is currently on my screen as I type: what should be the proper step for me now ... and kindly help me quickly as the popup is currently open and I haven't selected any of the 3 (delete, skip, add to exclusion) options. Kindly guide me.... as soon as possible thanks!

Hello I am using kts on my windows 10 home and kaspersky Kts version 21.3.10.391 (i) I recently had to reset my device due to some issues and had to reinstall kts on reinstallation it is asking me to again (I created it the first time I installed kts and it was still there on the system before and after reset) create a backup folder, I was curious that is there a way so that I can continue with previous one? I already have it on my pc

thank you for reaching out. I have disabled the "scan only new and changed files option" Still it didnt scan all the files because I think I deleted a few of them. anyway in 2nd I was asking about the fact that does kaspersky detect any malicious registry keys made by the malware? and why did it postponed some of the files?

Yeah sorry for the late response (I posted this feed late at night and then slept and looked at it in the morning) I scanned my full pc 2 times and windowsC: drive once and it says no threats detected. but this time kts scanned about 481171 files on my system. Earlier (yesterday it scanned 638796 files)(this was before I deleted some files as kts couldn't handle them(kts postponed them , I dont know what that means and when will it refocus to those files) so that might be the cause of lesser files scanned?) anyway 1)is there anything more to do regarding this issue? 2) Is there a way to check which applications have made their registry key to run at startup just incase if I wanted to delete any unwanted mess that these files might have created?

I ran a full system scan(deep Heuristic Analysis) and found that REPACK PASS (812736).rar file created copies of itself Actually the file i downloaded was this rar one and i extracted it to get that setup.exe file I deleted all the above mentioned files , any suggestions what to do now?(as a precautionary measure?

Hello I am using kts on my windows 10 home and kaspersky Kts version 21.3.10.391 (i) Just recently I downloaded a file from mega (was a setup file for some programm that I needed (had the name setup.exe)) and I have a habbit of scanning the exe file which I download so as always I scanned them with Kaspersky before opening them(running the exe files)) So i ran the scan and voila! it was indeed malicious. it said after the scan: here is the scan report Now all of these files I didnt run them but scanned them. So I wanted to ask( I deleted both the files btw) Even after deletion do they pose a threat? if i did not run the setup? btw i deleted the setup.exe file which came out from the REPACK PASS (812736).rar

I disabled self defense and tried to close the application(mimic a reboot) then enabled it again. It is not showing anything. I think it is resolved but will keep this thread open if it comes up again... Thank you!

Oh so you mean I reload kts and see if this comes up again or not?