Wesly.Zhang

Hello, @appie You don't know what I said about add self certiticate into system root certificate store. I suggest you do the following step : Ctrl+R --> certmgr.msc --> select trusted root certificate .... --> import...-->Follow the on-screen prompts to complete the certificate import -->close all browers, try again. Regards.

@John1954, Please see this article: https://www.online-tech-tips.com/computer-tips/how-to-boot-to-windows-11-10-system-recovery-options/ You should go into Command Promp to execute above command to try to restore windows image in advanced options of Windows 10 recovery mode.

Hello, @dayday 如果计算机安装有网络加速器产品的，请按照楼上的操作重置网络设置，一旦你再次使用网络加速器后问题会重复出现，请再次重置网络。

Hello, @Coffee in Squamish Do I guess whether is this alarm or not? Messages "Certificate verification problem detected" and "Cannot guarantee authenticity of the domain to which encrypted connection is established" when trying to open a website If yes, I remember you can find the log in web-antivirus logs. Regards.

Hello, @nexon Does the browsers change its Privacy Policy rule related to XSS or official anti-banner rule? Try to see the browsers settings and change related settings to check this issue again.

Hello, I advice you repair OS first. This blue screen is a BSOD issue and the key process has been broken , so system crash. How to go into windows 10 safe mode: https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234#WindowsVersion=Windows_10 Using Dism Repair a Windows Image: https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/repair-a-windows-image?view=windows-11 DISM.exe /Online /Cleanup-image /Restorehealth Using above command to restore windows 10 image. Please reply back its execution result. Regards.

Hello, @appie Have you ever tried to add a self-signed certificate to the system's trusted root certificate store? This may be able to solve your problem.

Hello, @John1954 Could you make a screeshot on the "blue page" and upload here? Is it a ransomware? Regards.

Hello, which version of the outlook？which email provider you encounter the issue do you use? Maybe I need do a test and do you try to report this issue to kl support via my.kaspersky.com/b2c ? Regards.

Hello, I think you might turn on the two-factor authentication mechanism for your Kaspersky account using microsoft authenticator in account security settings. Regards.

Hello, 你到网页反病毒的设置，信任网址中去看看。有些设置在重启计算机后会自动恢复，你也可以去试试。

Hello, 请你卸载后重启计算机，然后对C盘进行磁盘扫描修复遇到的任何文件系统问题后在重新安装产品。

Hello, I remember this setting will automatically fail after rebooting, have you tried rebooting? Regards.

Hello, @somebody It seems that there is a problem with the system digital certificate. Have you changed the encrypted IMAP and SMTP protocol settings of your mailbox? Regards.

Also, May I ask you what input method do you use, Microsoft input method or other third-party input method? Is this detection very regular, between 15 minutes and 20 minutes after the system starts up? Until there is no final solution, you can turn off background (rootkit) detection first. https://support.kaspersky.com/KTS/21.3/en-US/199672.htm

Hello, @Bagus1414 Have you updated any software or installed any software recently? As I think, Usually this detection is to find the existence of expanded memory in the memory process to store code. For example, this situation exists under the explorer.exe process. This operation may be due to a legitimate program (just a false alarm) or an illegal program. So now you need to troubleshoot the problem one by one, you can also report this situation to Kaspersky technical support.

All the above operations about terminate the process are only valid for the current one. If you shut down and restart OS, please re-terminate the related process again.

Hi, @Bagus1414 I have received your file and check some place. As an investigation, I need you to prevent some software from running in the background first, for example, to prevent some software from starting automatically at OS boot period. At this point, wait a while to see if the detection still occurs. Finally report the situation and give us feedback. First, you should update the windows to install all hotfix or patch. Second, Try to config some application settings. Synapse3 - C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe //If you have some basic functions to use, you can terminate process Lightshot - C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe //search its settings to uncheck start with system boot optional or kill its process. Web Companion - C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe //search its settings to uncheck start with system boot optional or kill its process. TrayApplication - C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe //search its settings to uncheck start with system boot optional or kill its process. vksts - C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\vksts.exe //search its settings to uncheck start with system boot optional or kill its process. CodecPackTrayMenu.lnk - C:\Windows\SysWOW64\Codecs\TrayMenu.exe //search its settings to uncheck start with system boot optional or kill its process. BlueStacksHelper - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe //kill this process Winrar - D:\Folder APP\WinrarFile\rarext.dll // I recommend you use 7zip instead of this software. Regards.

Hi, @Bagus1414 Could you export microsoft autoruns logs to me via pm？File-->Save... https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns Regards.

Hello, @appie Could you take a screenshot on the message？Upload here. Regards.

Hello， 在某些AMD中央处理器的系统内，该选项不可用。

Hello, @ptwl @Yliven 的意思可能是让你用QQ邮箱，以超大附件的形式将分析数据通过QQ邮箱发送给它们。

Hello, 没有明白这个导致无效的什么意思。如果你指的是到达激活码最大激活次数的话，这是会影响的。

Hello, @Saoirse Please login my.kaspersky.com using the account you want to delete. and select this button to finish deleting.

There is a situation that needs to be understood. Now test white EXE + gray/bad dll + vulnerability white driver + load arbitrary kernel code, you can passby/kill/hang all antivirus software. And future attacks will destroy all kernel protections of antivirus in a similar way, and then do whatever you want. Now anti-software has done a terrible job of attacking and defending at the kernel layer. , In addition to the ROOTKIT attack method, there is also the BOOTKIT attack method, which is also a hang-up of various anti-software. Microsoft WIN11's strong push of TPM and SECURE BOOT / Device Control is also a reluctant action, but most of them are resisting except those in the industry, resulting in future security problems that cannot be solved.