Xeno

Kaspersky should at least add a detection for the driver, but yeah, No anti-virus is able to do anything against a legitimate driver, especially Kaspersky which I feel is geared toward NOT false positiving.

Thank you all so much. I've been paranoid for days about this.

I've talked to support. Not sure if they looked into the specific threat, but to them, the fact that I've ran like 6 different scans and Kaspersky is clean is enough to show im fine.

So yes. Thank you.

Thank you. However, I dont see how that topic is a second opinion. Are you asking me to try and get into contact with Kaspersky's Virus Lab?

Thank you. However, I have talked to people who have worked in the Cybersecurity Field for many years, and have said that just because kaspersky doesnt detect a rootkit, doesnt mean you dont have it. Are there any other means to check, or am I clean provided the information within the original post. Anyways, hearing someone say its clean is a big relief, but I want to be more safe than sorry.

I got it to work by just resetting Kaspersky settings, and then putting everything back to normal. Thats what got it to work for me.

I was running this on a VM, and it wasnt super hardened. I am wondering if I am infected on my host - Kaspersky has found nothing. None of the drivers it installs are here, same with any of the dropped files. Also, this rootkit shuts off many AV's including Kaspersky, and it is running completely fine.

I understand. Thank you

What are "The correct channels"

*a Rootkit added to their signatures, wasnt detected beforehand

Thanks. I dont really know if I'll go to them because all I was gonna talk about was a rootkit that was in their signatures that completely shut off kaspersky with basic admin privledges and hopefully maybe let them like prevent it from happening again, idk.

yeah just what the title says

Also its in their signautures now, however it was only detected cause it was manually added.

There was a rootkit which kaspersky missed, and other AVs blocked, but Kaspersky didnt. It completely disabled kaspersky only with basic admin privledges and things like that. If anyone that like works at kaspersky sees this, maybe try to fix this from happening again?

So I play alot of modded minecraft, which involves .jar files. Now, with kaspersky set to extreme, it takes forever to launch as it scans all the .jar files whenever it launches, whenever I have it to scan archives. However, if I turn off scan archives, theres a chance a malicious mod might slip through. What would be good settings to have so where I scan .jar files, but maybe have it not make minecraft take forever. I have a temporary solution of allowing to scan them whenever they download but not whenever the application starts up via intrusion prevention. Any ideas?

The files that could possibly be malware are virus total links, which I dont have access to anymore. These were detected around 15/20 times on VT, with a scanner called "THOR" picking these up as either part of Cobalt Strike, or a JS Downloader used in a Quakbot Campaign. Thank you for responding however, and I will consider taking this feedback to a farther level.

Kaspersky is easily the best Anti-Virus for behavioral detection, and has a really good scanner, however that doesnt mean that the scanner isnt perfect. I think that Kaspersky should be a bit more aggresive, at least pre-execution, as I've seen it miss files associated with Malicious ones, or that create that specific file. Doing this would make Kaspersky alot stronger, and as its already pretty much a 100% detection rate, doing this would make it even closer to that.