Search the Community

For detailed info from Yury N, KL person, please fire up your favorite translator and see: https://forum.kaspersky.com/index.php?/topic/329237-%D0%BF%D0%BE%D0%B8%D1%81%D0%BA-%D1%80%D1%83%D1%82%D0%BA%D0%B8%D1%82%D0%BE%D0%B2/&do=findComment&comment=2501074 Google translate: "1) "Rootkit scan" and "quick scan" are the same. Only "rootkit scan" comes in the background and with reduced CPU and disk consumption. 2) The same number of objects will not get. There are many nuances. For example, running / running processes are included in the scan. Windows constantly runs background tasks, so the number of objects to be scanned is constantly changing. 3) You can do such a test - disable the automatic launch of the rootkit scan, reboot, start the rootkit scan from the console (avp.exe start scan_qscan), wait for the end, start the quick scan. The number of quick scan objects will be greater than that of rootkit scan." And: https://forum.kaspersky.com/index.php?/topic/329237-%D0%BF%D0%BE%D0%B8%D1%81%D0%BA-%D1%80%D1%83%D1%82%D0%BA%D0%B8%D1%82%D0%BE%D0%B2/&do=findComment&comment=2499744 Google translate: "1) The ability to customize the search schedule for rootkits was never. 2) You can disable the search for rootkits in the settings 3) You can set up a "quick scan" schedule convenient for you. Rootkit scan and quick scan are one and the same. Only "rootkit scan" comes in the background and with reduced CPU and disk consumption. 4) You can disable rootkit scan and not set up a quick scan schedule if you regularly launch a quick scan yourself PS The influence of rootkit scan should not be noticeable even when the game profile is disabled. But the game profile affects other background tasks that may be causing the brakes in the game."

Hi guys, Thanks for the quick response. #3. Yes, it has been running on my system for almost a year but I always had issue with Gliffy and Draw.io in Confluence. They just did not work. Yesterday, after some months of quiet time, I gave another go to Confluence with Draw.io (a new temporary full license and added Draw.io to my space). I made my first diagram but after saving it, I got the error above, "Diagram Not Found". I tested this issue with Edge, Chrome and Firefox (including private browsing) on Windows 10 and I could not see my diagram in Confluence. Then I read the following case at the Atlassian Community website. So I de-installed Kaspersky Premium and surprisingly I could see my Draw.io diagram in all Internet browser platfroms. Then I re-installed Kaspersky Premium (it was a clear install", and installed/enabled Kaspersky Protection Extension for Firefox. This produced the original problem with reading my Draw.io diagram. I played with Kaspersky Protection Extension for Firefox but nothing worked (even disabling it). So I removed Kaspersky Protection Extension from Firefox, and restarted Firefox. Unfortunately, my Draw.io still did not work and Kaspersky Premium still showed that the Kaspersky Protection Extension for Firefox is ON. Then I stopped and started Kaspersky Premium again and finally it showed that Kaspersky Protection Extension for Firefox was not enabled. And my Draw.io diagram worked again. #2. I will test this and come back #1. I did not enabled Kaspersky Protection Extension, for Private Browsing. But I tested the issue on all the three Internet browser platform in Private (Firefox), Incognito (Chrome) and InPrivate (Edge) modes, none of them worked. The same happend in non private mode of these Internet browsers. I will set this up for Private browsing to see how it works.

Hello @son, Also, Launch Kaspersky at computer startup (recommended) Thank you? Flood?+?

Hello @ LouisLewis To address the attack and improve your protection, I’ll walk you through several possible solutions to enhance your Kaspersky Endpoint Security (KES) configuration and bolster your network defenses. Since this attack caused a disruption, it indicates either a potential misconfiguration or an area where additional layers of protection are needed. Here’s a step-by-step approach to strengthen your setup: 1. Review Kaspersky Configuration and Policies Application Privilege Control: Ensure Application Control is fully enabled and configured. Set up Network Rules to restrict certain IP addresses or block applications that attempt suspicious outbound or inbound connections. Intrusion Detection and Prevention (IDS/IPS): Enable the Network Attack Blocker feature in KES if it’s not already active. This module can detect and prevent suspicious network behavior. Web Control: Use Web Control policies to block access to malicious sites or IPs flagged during the attack. Cross-check the IP in Kaspersky’s threat intelligence or an external source like VirusTotal to confirm its malicious intent. 2. Block the Attacking IP Address on the Firewall Even though KES offers endpoint protection, it is crucial to complement it with perimeter defenses. Add the IP to your firewall blocklist. Use Geo-blocking if the attack originates from a suspicious or irrelevant region. Implement Rate Limiting or Traffic Shaping on your firewall to mitigate DDoS or flood attacks. 3. Enable Firewall and Host Intrusion Prevention on Endpoints Make sure that KES Firewall is properly configured: Add a custom rule to block the specific IP address involved in the attack. Enable Host Intrusion Prevention (HIPS) to detect and block exploitation attempts on endpoints. 4. Update Threat Feeds and Indicators of Compromise (IoC) Use Kaspersky's Threat Intelligence feeds and any available IoCs to proactively block known bad IPs or domains. If your KES has EDR (Endpoint Detection and Response) or Threat Hunting capabilities, upload any indicators (e.g., the attack method or IP address) to block future attempts. 5. Advanced Logging and Alerts Setup Enable event logging and notifications in Kaspersky Security Center (KSC): Configure alerts for specific events such as repeated failed login attempts, new IP connections, or brute force attacks. Integrate KSC with your SIEM solution to get real-time monitoring and correlate logs for suspicious activity. 6. Check for Configuration Gaps Run a KES Policy Audit: Make sure all machines have the latest KES policies applied. Use Security Profile Reports in KSC to identify any endpoints with incorrect configurations. Install Kaspersky Network Agent (NA) on all endpoints to ensure real-time communication with KSC. This helps with quick policy updates and ensures accurate reporting. 7. Complementary Security Measures Implement Multi-Factor Authentication (MFA): This mitigates risks from unauthorized login attempts. Patch Management: Ensure all software on your endpoints is up-to-date to avoid vulnerabilities. Summary of Actions: KES Configuration: Ensure IDS/IPS and firewall rules are configured correctly. Add IP-specific block rules. Firewall Configuration: Block the attacker’s IP and implement rate limiting. Alerts & Notifications: Enable logging and alerts for suspicious activity in KSC. Threat Intelligence: Regularly update Kaspersky with IoCs and threat feeds to block known malicious IPs proactively. By reinforcing both KES and your network firewall, you’ll minimize the chances of a future attack causing service disruptions. If you need help auditing your Kaspersky setup or configuring any of the above features, let me know! Thank you

Hello @tniou, Welcome! Thank you for your contribution👏 Agreed, there has been a lot of complaints about Secure Keyboard input is enabled popup, because, it’s a PIA😡! We think there’s an easy fix for this, similar to Kaspersky’s Protected browser, for any field where the Secure Keyboard input is enabled popup (apart from the fact the tiny keyboard icon is already present in the righthand side of all such fields, nothing like overkill Kaspersky!!); all they have to do is use a green border on all Secure Keyboard input is enabled protected fields → it’s not 🚀 science Kaspersky🙄 Thank you🙏 Flood🐳+🐋

Why after installation of a new Kaspersky Premium my PC won't shut down? Takes ages and I switched off by force. With previous Kaspersky Total Security it used to start up and shut down very quick. OS is Windows 10. What is the problem of VPN Kaspersky Secure Connection? When I try to use it almost all websites open blank page with error: 'Anonymous Proxy detected'. As I understand the purpose of VPN Secure Connection is to hide my real IP and to avoid any proxy detection. I tested it with all servers list from countries A to Z.

Hello @om richard, Welcome! Open the GUI, select Settings⚙, select Privacy settings, select Secure Data Input, uncheck Enable Secure Keyboard Input, select Save, select Confirm. Thank you? Flood?+? Resources: About protection of data entered on the computer keyboard How to configure protection of data entered on the computer keyboard

This is just a REAL shame to broke user's PC like that , never seen this before !!!!!! the up^date of 23/08/2023 just broke my entire computer : no mouse, no keyboard ... and system in hibernate mode !!!!!!!!!!!!!!!!!! What can i do to recover my computer ??????? usb fix : just ...., 1 change and no keyboard or mouse ???? Is there skilled ingeneer at kasper lab ??? You just waste my time, and week end.

It looks good? the max protection is that you type in a password input box via K‘s virtual keyboard in safe-money protected broswer. the password input box should be automaticly indentified by K and you will be suggested to use the virtual keyboard. a small lock icon will be displayed beside the input box.

BTW i tried reproduce but in mine case all working perfectly (i dont have english keyboard) so i must first click on shift and then i see numbers. But there was no problem maybe only on some PCs or english keyboards...

Hello @booger, You’re most welcome! (ioo) the tiny Quick launch keyboard icon is fine, the Secure Keyboard Input is enabled popup it generates serves no purpose at all, (ioo & that of many others,) it’s something Kaspersky “should” fix, if they’d only listen to their subscriber feedback! Need to replicate & research, we’ll get back to you. Are KVPN & Kaspersky Security Data Escort Adapter both uninstalled - see images, let us know so we can again replicate & research? When the “desktop app continually tries to install the VPN” is there an alert that you can screenprint & post for us please? Thank you🙏 Flood🐳+🐋

Addional Information to my earlier post: Windows 11 Home Edition, Ver 23H2, build 22631.4037 Kaspersky Plus version 21.18.5.438 (a) HP17 AMD Ryzen 5500U Problen first noticed 24/8/24 After clearing all Kaspersky related folders, registry & leftovers I did several re-instals with and without my saved settings. Each time the keyboard works normally until the computer is next restarted when it reverts with the same problem. Thank you

I noticed my computer has been very very slow and every now and again i get messages from kaspersky saying "previous application launch failed" i have optimized my computer and run a full scan on my computer the other day and nothing comes up as wrong, also when i try to play Fortnite the game lags incredibly bad, it is when i sign out of that game do i usually see the "previous application launch failed".

Hi Flood, I just did some quick research on this UltraAV, I can't trust it. If Kaspersky is out of the queue, I am switching back to bitdefender as my backup plan. Where can I process a partial refund? I am not using this garbage. Or as far as I know, they are banning the US license right? So can I just get a Euro key instead? So I can get my damn database updated?

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Problem Using EDR, you may encounter an issue where you're unable to view incident card regarding a detection in KSC Web Console. It looks like this: Here we will discuss known causes of such behavior (several products are involved, so causes may be different). Possible causes and solutions MDR In MDR, incidents are to be viewed using the dedicated MDR Console, and KSC version 13 and newer with configured MDR plug-in. KSC 12.* Web Console will not receive the data; this is expected behavior. KES+KEA If you first install KES without EA component, and then a standalone KEA package, KES EDRO integration will be disabled and killchain will not work. Here is a quick way to determine if KEA was installed as a component of KES. Open regedit, then navigate to: [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\protected\KES\Installer\features] "AntiAPTFeature" = "1" If the value is 0, proceed to the workaround to enable the component as described below. To fix this, we ran Change application components task on the host, enabling Endpoint Agent in KES. If KES/KEA integration is configured correctly, we can find the following in KES traces: 12:08:37.426 0x2a18 INF edr_etw Start processing detect = http://www.virusanalyst.com/eicar.zip//eicar/eicar.com, recordId = 6, taskId = 1128, result = 0 12:08:37.426 0x2a18 INF edr_etw Start processing actions = http://www.virusanalyst.com/eicar.zip//eicar/eicar.com, action = 4, recordId = 6, taskId = 1128, edrAction = 3489660999, result = 0 12:08:37.442 0x2a18 INF edr_etw Killchain is enabled! 12:08:37.442 0x2a18 INF edr_etw SystemWatcher is running! 12:08:37.442 0x2a18 INF edr_etw product::component::edr::`anonymous-namespace'::IsSystemWatcherDetect begin 12:08:37.442 0x2a18 INF edr_etw product::component::edr::`anonymous-namespace'::IsSystemWatcherDetect end 12:08:37.442 0x2a18 INF edr_etw product::component::edr::`anonymous-namespace'::InvestigateProcessIds begin 12:08:37.442 0x2a18 INF edr_etw product::component::edr::`anonymous-namespace'::InvestigateProcessIds end 12:08:37.442 0x2a18 INF edr_etw Finish processing detect = http://www.virusanalyst.com/eicar.zip//eicar/eicar.com threat status = 1, recordId = 6, taskId = 1128,result = 0 12:08:37.458 0x1f18 INF edr_etw Finish processing AV detect result = 0 Searching for ThreatID in KEA traces: 12:08:37.426 0x2a18 INF amfcd ThreatsProcessingEventsLogic::OnTreatActionImpl: ctx:0x23d68510 [TI 0x1b8dd490: id = 0x6, : tdid = {7F620459-6C51-9E46-9A5D-689A9B0D0098}, name = http://www.virusanalyst.com/eicar.zip//eicar/eicar.com, add info: <none>, 0x0] 0x4 0x0 KES+KEA (upgrade from KESB to EDR Optimum) EDR Optimum requires KSC 12.1 or newer to work. This includes the Network Agent, which is a part of KSC, and is generally installed on the host alongside KES. Using an outdated version of Network Agent (10.5, 11, etc.) will lead to the mentioned error when opening incident cards. If Network Agents were not upgraded along KSC, it's better upgrading them for EDR Optimum. KES 11.7+ Check that EDR Optimum feature is enabled in registry (GSI > Registry > HKLM_Software_Wow6432Node_KasperskyLab.reg.txt ). [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\protected\KES\Installer\features] EdrOptimumFeature = 1 If value is 0, run Change application components task on the host, enabling EDR Optimum in KES. Also in traces (*.SRV.log) you can search for sentence bundles::InstalledFeaturesProvider::InstalledFeaturesProvider and check that EDROptimumFeature is there, for instance in example below such component is missing KES.21.9.6.465_05.18_14.00_3952.SRV.log 11:00:36.897 0x26a0 INF bundles::InstalledFeaturesProvider::InstalledFeaturesProvider{ 3 (AVScannerAndCoreFeature) 28 (AdaptiveAnomaliesControlFeature) 0 (AdminKitConnectorFeature) 24 (AdvancedThreatProtectionFeature) 27 (AmsiFeature) 7 (ApplicationControlFeature) 17 (BehaviorDetectionFeature) 30 (CloudControlFeature) 4 (CriticalScanTask) 6 (DeviceControlFeature) 23 (EssentialThreatProtectionFeature) 11 (ExploitPreventionFeature) 8 (FileThreatProtectionFeature) 19 (FirewallFeature) 5 (FullScanTask) 2 (HostIntrusionPreventionFeature) 16 (MailThreatProtectionFeature) 14 (NetworkThreatProtectionFeature) 12 (RemediationEngineFeature) 25 (SecurityControlsFeature) 18 (UpdaterTask) 21 (WebControlFeature) 20 (WebThreatProtectionFeature) 22 (WholeProductFeature) } KSWS+KEA The same rule applies: KEA component needs to be installed in KSWS. KSWS does not have a "Change application components" task in KSC, so this has to be taken into account during KSWS deployment. Here is a quick way to determine if KEA was installed as a component of KSWS. Open regedit, then navigate to: [HKEY_LOCAL_MACHINE\Software\Wow6432Node\KasperskyLab\\WSEE\11.0\Install] "Features"="AntiCryptorNAS=0;AntiCryptor=0;AntiExploit=0;AppCtrl=0;AVProtection=0;DevCtrl=0;Fim=0;Firewall=0;ICAPProt=0;IDS=0;Ksn=0;LogInspector=0;Oas=0;Ods=0;RamDisk=0;RPCProt=0;ScriptChecker=0;Soyuz=0;WebGW=0" (Soyuz needs to be set to 1) If Soyuz is set to 0, apply workaround to enable it. KSWS allows to change its components locally or via cli. Here is the example of how to set Soyuz=1 when KEA was installed not as a component of KSWS: 1. Locate ks4ws_x64.msi or ks4ws.msi (depends on OS architecture) 2. Create custom installation package based on ks4ws_x64.msi or ks4ws.msi from p.1 with parameters as per screenshot (add UNLOCK_PASSWORD= if KSWS is protected by password in policy) 3. Deploy package on problematic servers with KSWS and KEA, then check registry that Soyuz=1 4. Check host's properties at KSC side - EDRO should be in Running state in KEA If KSWS/KEA integration is configured correctly, we can find the following in KSWS traces: 19:57:04.577 7a8 1310 info [edr] Published ThreadDetected: VerdictName : HEUR:Win32.Generic.Suspicious.Access RecordId : 0 DatabaseTime : 18446744073709551615 ThreatId : {ffb58079-6d8d-4a62-8ab0-021ff4ed61c5} IsSilent : false Technology : 3489661023 ProcessingMode : 3489660948 ObjectType : 3489660934 ObjectName : C:\Windows\System32\wbem\WmiPrvSE.exe Md5 : e1bce838cd2695999ab34215bf94b501 Sha256 : 1d7b11c9deddad4f77e5b7f01dddda04f3747e512e0aa23d39e4226854d26ca2 UniquepProcessId: 0xf7c807730e051a0d NativePid : 3360 CommandLine : AmsiScanType : AmsiScanBlob : FileCreationTime: 1601-01-06T23:09:56.075520800Z Searching for ThreatID in KEA traces: 19:57:05.583 704 9b0 debug [bl] ThreatsHandler: detect v2 verdictName: HEUR:Win32.Generic.Suspicious.Access detectTechnology: 0xd000005f processingMode: 0xd0000014 objectType: 0xd0000006 objectName: C:\Windows\System32\wbem\WmiPrvSE.exe nativePid: 3360 uniquePid: 17854528913448180237 nativePidTelemetry: 3360 uniquePidTelemetry: 17854528913448180237 downloaderUniqueFileId: <none> downloadUrl: <none> isSilentDetect: false threatId: ffb58079-6d8d-4a62-8ab0-021ff4ed61c5 19:57:05.583 704 650 info [evtstt] NetworkConnectionHandler statistics: queueSize=0, received=59675, processed=59675, dropped=0, queueBytes=191 19:57:05.583 704 650 info [evtstt] NetworkConnectionHandler statistics: queueSize=0, received=59676, processed=59676, dropped=0, queueBytes=132 19:57:05.583 704 650 info [evtstt] NetworkConnectionHandler statistics: queueSize=0, received=59677, processed=59677, dropped=0, queueBytes=371 19:57:05.583 704 9b0 debug [bl] Threats Handler: event processed, id = 2 19:57:05.584 704 1fc debug [killchain] Message discarded: name = ThreatDetect The verdict is Message discarded, this means the detection won't trigger killchain generation. No such entries can be found in traces, which might mean that EPP integration is not configured correctly (EDR component is disabled in KSWS). Check killchain presence on the host If all pre-requisites are met, it's worth checking if killchain files are actually created on the host. To check that, run cmd.exe as Administrator and check the c:\ProgramData\Kaspersky Lab\Endpoint Agent\4.0\Data\killchain\detects folder contents. Archives with <threat_id>.zip names should be present in the folder: C:\WINDOWS\system32>dir "c:\ProgramData\Kaspersky Lab\Endpoint Agent\4.0\Data\killchain\detects" Volume in drive C has no label. Volume Serial Number is 8010-ADC0 Directory of c:\ProgramData\Kaspersky Lab\Endpoint Agent\4.0\Data\killchain\detects 08/16/2021 12:20 PM <DIR> . 08/16/2021 12:20 PM <DIR> .. 08/16/2021 09:34 AM 636 0349c190-4ac3-4da4-9b64-07835298660f.zip //this is an archive with killchain info 08/16/2021 12:18 PM 696 1d306aa7-f37f-4ab2-969e-d337d398a995.zip 08/16/2021 09:34 AM 637 23a5dc93-5776-43c8-b949-79c102aa1184.zip 08/16/2021 12:19 PM 691 27bc9ea3-200b-49d2-b8b0-df7954cd428a.zip 08/16/2021 12:19 PM 683 40673c70-9e8e-420f-b5ce-65b406862b94.zip 08/16/2021 12:19 PM 688 590b6e30-4509-4b25-bdb0-062f89b7e062.zip 08/16/2021 12:20 PM 693 67993612-dc82-45a2-9e5b-74756adc46eb.zip 08/16/2021 12:20 PM 685 6a892bd1-f452-42d0-80b0-cb953cd7fc26.zip 08/16/2021 12:19 PM 686 a63fbafa-fcef-46f7-935f-42be4392a172.zip 08/16/2021 12:19 PM 699 d9d4f5eb-42b2-4460-8f8a-eb63bbef8791.zip 08/16/2021 12:19 PM 686 f6042624-9840-4a6e-9b30-9270cce22236.zip 11 File(s) 7,480 bytes 2 Dir(s) 240,763,092,992 bytes free

I read online that Disabling Enable Secure Keyboard Input would fix this issue? Also that kaspersky web protected browser. I have it turned on for a few banking sites. What I notice is when I have it on, my mouse lags a lot when moving it around my screen. Is this normal? I use this laptop with an external monitor and notice many times I can’t even move the mouse to the other monitor and I have it on EXTEND. But if I turn this off, is that fine? So would disabling both of these things be fine? Or would it jeopardize the internet security of kaspersky? Because I can’t even type on the address bar because of this no matter with the laptop keyboard, external keyboard or even the windows or kaspersky on screen keyboard.

I don't understand. Your link takes me to my account and my Kaspersky Plus subscription, but the only options there are to cancel the subscription. That looks increasingly likely. On my desktop, Kaspersky says it is still "preparing to launch the application". It's been doing that for the past hour. What should I do? PS: I am in Europe, your website says: "Kaspersky Standard, Plus, and Premium do not require activation codes."

Hello @emaranhao, Thank you for posting back & the information! So, for clarity, the steps to solve, have now changed from (1) restart Kaspersky to (2) deactivate Secure keyboard input - is that correct? Re Kaspersky Security Cloud (KSC) version 21.3.10.391(x), which patch(x), x = letter, on the Windows Taskbar or hidden icons, rightclick the Kaspersky icon, select About? Is Windows fully updated, with all Updates showing a Successfully applied status? Have the Keyboard drivers been updated / checked / refreshed? In the year the physical keyboard has been intermittently freezing, has KSC been fully uninstalled, saving License information *only*, leaving all other check-boxes unchecked / blank & clean installed? Is KSC Premium or Free? Please post back? Thank you? Flood?+?

Hello @vterra8871 As well as above posts. Try this Script To disable hardware virtualization in Windows, you would typically need to access your computer's BIOS (Basic Input/Output System) or UEFI (Unified Extensible Firmware Interface) settings. These settings can vary depending on your computer's manufacturer and model, but the general process is as follows: 1. **Restart Your Computer**: Begin by restarting your computer. 2. **Access BIOS/UEFI Settings**: As your computer starts up, there is usually a specific key or combination of keys you need to press to access the BIOS or UEFI settings. This key is often displayed on the screen briefly during startup. Common keys include Del, F2, F10, or Esc. Press the appropriate key(s) repeatedly until you enter the BIOS or UEFI interface. 3. **Navigate to Virtualization Settings**: Once in the BIOS/UEFI settings, use the keyboard to navigate through the menus. Look for a section related to "Virtualization," "Advanced CPU Configuration," "CPU Features," or something similar. The location and naming of this section can vary, so refer to your computer's manual or online resources if needed. 4. **Disable Hardware Virtualization**: Within the virtualization settings, you should find an option to enable or disable hardware virtualization. This option might be named "Intel Virtualization Technology," "VT-x," "AMD-V," or something similar, depending on your CPU manufacturer. Use the keyboard to select the option and disable it. 5. **Save Changes and Exit**: After disabling hardware virtualization, navigate to the "Save and Exit" or similar option in the BIOS/UEFI settings. Confirm that you want to save the changes and exit. Your computer will restart. Please note that the exact steps and options might differ based on your computer's hardware and BIOS/UEFI version. Additionally, disabling hardware virtualization may impact the performance of virtualization software like VMware, VirtualBox, or Hyper-V. Make sure you have a specific reason for disabling hardware virtualization and that you fully understand the implications. If you're not comfortable making changes in the BIOS/UEFI settings or are unsure about the consequences of disabling hardware virtualization, it's advisable to seek assistance from someone with experience or consult your computer's documentation. Remember that making incorrect changes in the BIOS/UEFI settings can potentially lead to system instability or inoperability, so proceed with caution and only make changes if you are confident in what you are doing. Thank you

Thank you for the quick response. I did do, what you had suggested, prior to posting my question. That is disappointing to find out you cannot disable the tiny Quick Launch Keyboard. I also have had problems on the Android app where it continually insists I turn-off the Allow App Install from Unknown Sources option...even though I have told the app to IGNORE multiple times. Also, the desktop app continually tries to install the VPN. I DON’T WANT THE VPN!!! I ALREADY HAVE A VPN!!! I thought I would give Karpersky a try this year...BIG MISTAKE!!! Very disappointed!

I created a pdf file days ago by combining multiple images and compressing it using adobe acrobat PC ver. It looked fine at the time. Now when I open it, it's a completely different file. It has the content of another pdf file on my pc but has the size of the original one, and yet worse, it has a creepy cyphered message? It freaked the sh*t out of me. I scanned the file using Kaspersky, but the results were negative: "no threats". I ran a quick scan, also turned out negative. I'm currently running the full scan. Could there be a virus on my PC that Kaspersky isn't able to detect? What do I do?

Apologize once again but this report should not be clarified as closed since this abnormal symptom with report window not registering rootkit or quick/complete scans still happening even with Kaspersky Standard 21.18.5.438(a). I can't record properly this bug because there are moments the scan will be registered and displayed and sometimes not. Ever since Kaspersky Standard 21.17.7.539 which I have firstly see happening on May untill September with actual version KS 21.18.5.438(a) this unknown behavior have been going and the company should be aware of it. Whenever I execute these scans if I don't keep report window opened, there is a chance the task is not being saved and registered with full detail on report window so with my last studies about this bug. Having opened and minimzed report window whenever scans are about to finish. The task will display as they are ongoing but at the end when is over. The scan is saved, being registered and display but if I close report window or click to update there is a %60 of chance that task will not be registered or displayed on report window. I'm annoyed to know that I have been facing this bug for a while and I would like revive the situation regarding this unknown bug which started at May 9th accordingly to my first post.

Well I'm going wait till the company update the version and solve as they should because It have been recently I've installed KS onto my PC and I really not in the mood to uninstall or repair while protection gets disabled meanwhile I try to fix this functionality. There alternative method which I never used before is 'Selective/Selected scan' and if I want to verify a single file. All that I need is to copy the destination path and add '\xxx' at the end of destination. So I'm hanging on using this method to run quick scans onto singular files and not a subfolder. I'm going keep waiting till company fix this.

Hello, Im having a problem with a website, where i get an rerror code when trying to go to check out. Here is the rerror code: HEUR:Trojan-PSW.Script.Generic. I also get this message: Prevented the download of a malicious file or other object designed to infect your computer with malware that will slow it down, destroy your system, or cause other problems. We protected you from downloading this object. You can safely close this window. The problem is that i have never had an issue with website before. here is link to the page https://www.hijabhus.com/quick-order. Could this maybe be a false flag?

It appears that all Kaspersky extensions ✅ can in fact be installed without searching for them through the Chrome/Edge/Firefox extension stores! I was only aware of this now and I will explain it below since it wasn't very clear even to me who I've been using Kaspersky products for many years. To install Kaspersky Protection extension: Open your Kaspersky for Windows app, search for "extension" in the search box, and there you will find all the extension-related info. I already had all the extensions installed, so I made a quick test by deleting KP extension for Firefox, but it was still stuck to "On" even when I restarted Kaspersky Plus & Firefox. However, once I restarted both apps I got a Windows pop up from Kaspersky Plus asking to install the extension for Firefox. If you weren't successful with installing the extension this way, just install it through the link here (link is alive when writing this post): https://chromewebstore.google.com/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm For more info: https://support.kaspersky.com/common/start/12782#block4 To install Kaspersky Password Manager extension: Open your KPM for Windows > Settings > Browsers, then just click on install from there. I tested it on Firefox by deleting my extension then re-installing it through here. It started downloading the extension by itself and I was able to install it like usual. Hopefully things will continue working nicely like this for all of us who are not living in USA! I can't verify if this will work for US-residents, so maybe someone try this and let us know? Thanks to everyone who tried to help. This thread is now solved.