Search the Community

Hey guys, My patience is over. Nothing works. all checks are off but Kaspersky keyboard pops up on my Mac regardless whether Kaspersky Internet Security is on or off. please help.

If I could join this conversation, I’m having the same problems. What’s really annoying is that I scanned the program (with KIS) before executing it, and also asked Kaspersky for its opinion. Neither came up with errors. I don’t know why ImgBurn has Fusion.dll - I already have 8 copies of it on my PC! Here’s the log for the attempts (I tried twice): 16.03.2020 10.52.56 Adware removed D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe Object: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe Object name: not-a-virus:UDS:AdWare.Win32.Agent.xxdvoa Application: ImgBurn Installer Application path: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe 16.03.2020 10.52.43 Ignored legitimate software that can be used by criminals to damage your computer or personal data D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe//$PLUGINSDIR\Fusion.dll Object: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe//$PLUGINSDIR\Fusion.dll Object name: not-a-virus:Downloader.Win32.Funshion.ao Application: ImgBurn Installer Application path: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe 16.03.2020 10.52.43 Detected legitimate software that can be used by criminals to damage your computer or personal data D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe//$PLUGINSDIR\Fusion.dll Object: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe//$PLUGINSDIR\Fusion.dll Object name: not-a-virus:Downloader.Win32.Funshion.ao Application: ImgBurn Installer Application path: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe 16.03.2020 10.52.42 Application added to the High Restricted group ImgBurn Installer Application: ImgBurn Installer Reason: scan results Application path: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe Time: 16/03/2020 10:52 16.03.2020 10.30.18 Adware removed D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe Object: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe Object name: not-a-virus:UDS:AdWare.Win32.Agent.xxdvoa Application: ImgBurn Installer Application path: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe 16.03.2020 10.30.03 Ignored legitimate software that can be used by criminals to damage your computer or personal data D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe//$PLUGINSDIR\Fusion.dll Object: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe//$PLUGINSDIR\Fusion.dll Object name: not-a-virus:Downloader.Win32.Funshion.ao Application: ImgBurn Installer Application path: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe 16.03.2020 10.30.03 Detected legitimate software that can be used by criminals to damage your computer or personal data D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe//$PLUGINSDIR\Fusion.dll Object: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe//$PLUGINSDIR\Fusion.dll Object name: not-a-virus:Downloader.Win32.Funshion.ao Application: ImgBurn Installer Application path: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe 16.03.2020 10.30.01 Application added to the High Restricted group ImgBurn Installer Application: ImgBurn Installer Reason: scan results Application path: D:\PC Software\Imgburn\SetupImgBurn_2.5.8.0.exe Time: 16/03/2020 10:30 16.03.2020 10.23.42 Quick Scan No threats detected Detected: 0 Neutralized: 0 Not disinfected: 0 Release date of databases used for scan: 16/03/2020 05:09 Total duration: 49 seconds Completion time: 16/03/2020 10:24 16.03.2020 10.21.35 Update of databases and application modules Completed. Average download speed:: 207.08 KB/s Status:: Completed. Downloaded and updated:: 806.95 KB Total duration: 52 seconds Time: 16/03/2020 10:21 16.03.2020 10.12.14 Search for application updates Search completed, no available updates Important updates available: 0 Recommended updates available: 0 Started: Automatically Status: Completed Time: 16/03/2020 10:12

Thanks Nexon a lot clearer now :-) Flood following a previous conversation its another example why installing and using KSC as is is the way to go. The program is taking care of everything by itself, no real need to tweak it. 1- Rootkit scan is basically a quick scan running automatically every day 2- Idle scan is basically a full scan running randomly during a month 3- Auto scan is scanning external drive on access Not much else to look for ... IMHO adding a scheduled scan full or quick isnt really necessary since all the work seems to be done in the background. Scheduling a scan is more or less a feel good thing I would say. So to feel good Ill keep doing a full scan a month :-) but honestly I dont know why LOL

Hello @Mr. T, Thomas, Thank you, I understand👌 It’s sounds as if a succession of issues has had a cumulative effect🤔 (imo), the first step is to re-establish/verify your identity, Facebook will do this if the identity documents are valid, also, there’s alternative documentation that can be submitted, try to provide as much valid ID as possible. Having a quick look at Facebook/VPN topics, this comes up: quote The irony here is that people who use VPN services to protect their online identity can find themselves locked out of their Facebook accounts BECAUSE they're on a VPN. Yes, a VPN can sometimes trigger Facebook's security protocols and get you locked out of your own account. end quote Once you’ve re-established the Facebook account access you need to engage with the Facebook Team, ask them what are their rules, what happens, when a VPN is used? Thank you🙏 Flood🐳

Hello @Sister Sabina, 😮 That was so quick😁 !! I’m still wrting up all the steps, please have a ☕ break, do not do anything until I post please? Thank you🙏 Flood🐳

Hello everyone, Chrome managed by your organisation. I have just done a fresh Windows installation after I grew suspicious of my system's behavior. My virus- and malware programs never detected anything strange. After install I looked for a new free reliable virusscanner and came across Kaspersky Security Cloud. Today I noticed that in Chrome's tools option it says ‘managed by your organisation’ . A quick google search indicates this might be malware, as it is my home PC and I am not part of a network/organisation. Visiting the link chrome://management/ shows the same message. Should I be worried, or is this part of the Kaspersky Protection chrome extension which I agreed to install? How to fix it? Thanks in advance.

BTW Flood , how could you get the amount of files scanned by Rootkit scan ? I have no problem getting them for quick or Full, but I cant seems to be able to find a way for the rootkit scan , the only thing I can get is the time taken , or the start and finish time

Flood, Your test showed that the 2 scans are pretty similar . Confirming Yuri’s explanations . Following our last exchange I reset KSC Free to the default configuration just to start with a fresh set up, than I checked the box enabling the rootkit scan , rootkit scan being the same than quick scan but using less ressources , and I scheduled a full scan weekly. Thats it I wont play with it anymore . Once again merci Flood for this interesting exchange :-)

Hello @homer1959, You’re most welcome👌 Just as an experiment I ran both Quick & Rootkit Scans with logging on, Quick Scan has 3767 entries, Rootkit Scan 3969, looking at the Reports, there are differences, however, I’ll leave you to do that side of the 🕵 . Really, there’s no harm running a Quick Scan if you get the urge, same for the Rootkit Scan, the features are there to be used or not, the choice is yours. I think you’re summation is a good one, as long as you remember the golden rules, if (we) make risky/silly decisions in / on the digital world, nothing is 100% guaranteed😉 Thank you🙏 Flood🐳

Hello @homer1959, You’re very welcome! Thank you for replying and your questions👌 I hadn’t forgotten you, I was waiting untill I had enough data to provide with my reply… Q1. Yes. Q2. First, looking at my data: Rootkit scans run for a significantly longer time than Quick scans. a] As I said in my first reply, personal choice plays a role, I’ve read various commentary from very trusted and experienced Community members who report they never use the Quick or Root scan features; me otoh, use a combination of all availbale scans, at different times, for different reasons. b] I think the majority of us use a Full scan after any major changes to (our) systems. c] The Performance section of Kaspersky applications is designed in such a way, to offer Kaspersky Users options that lessen the impact on (their/your) system. d] As the Scan Reports don’t provide extensive detail, I suggest you turn on Log non-critical events, run both Scans, observe the data, make a decison based on your needs and the data. ⚠ Don’t forget to turn Log non-critical events OFF, after you’ve done the tests, otherwise you’ll end up with a system full of logs😲 e] As Vulnerability scan has not been mentioned, I’ll throw it into the mix. Please post back if any concerns remain? Thank you🙏 Flood🐳

Hello @FLOOD . Ty for your attention! I still have some doubts. Could you help with it? If i choose to use any of those browsers, without installing the Kaspersky Protection extension; i would certainly not be able to (i) use anti-banner, (ii) on screen keyboard, (iii) safe money, (iv) private browsing and (v)kaspersky url advisor, BUT the protection would be affected in some way? For example, the so called - Dangerous Content Blocking - wouldn’t work and i would be vulnerable to pishing attacks? The same idea would apply for Brave browser as i cant install the extension???? I noticed that kaspersky anti-banner, url advisor and maybe other things are indeed working with the new Edge without the extension. But this is causing some problems. For example: i entered a site, with Edge, that advised me to disable the addblock (i was not using one with Edge). It took some time till i notice that Kaspersky was the responsible. I could confirm it, by checking the log reports of the anti-banner function, and noticing it was blocking ads in Edge. This is a problem, cause there isn’t an easy way to disable kaspersky antibanner for specific sites in Edge. Tyvm for the help!

In the description page of Kaspersky protection, it mentions “The Kaspersky Protection extension ensures operation of the following protection features: - Safe Money – protects your payments by opening sensitive websites in Protected Browser. - Private Browsing – informs you about attempts by websites to collect your data and allows you to block collection. - Kaspersky URL Advisor – marks search results with colored indicators according to the link’s security level. - On-Screen Keyboard – prevents malware from intercepting data entered in website forms. - Anti-Banner – blocks advertising banners on websites. - Dangerous Content Blocking - prevents a website from loading if it is deemed a dangerous or phishing website by Kaspersky.” I don’t need private browsing, anti-banner i already have extensions for that. I could use Safe Money, keyboard and URL advisor but none seems to work with Brave; and only url advisor works with the new Edge, wich are the browsers i currently use. Furthermore, kaspersky insists in don’t release an extension compatible with Brave and the new Edge despite a lot of users requests... But i’m worried about protection, as the extensions descriptions mention it is needed to “prevents a website from loading if it is deemed a dangerous or phishing website by Kaspersky”., i’d like to know if using Brave or the New Edge without the extension could impact pishing protection (or any other type of protection) from kaspersky. The extension is REALLY needed for that? “bonus”: do you intend to release a compatible extension with Brave? When? I checked you are already testing on with the New Edge, so i’m waiting for that too

Fake Ripple site Fake Stellar site (same IP/ASN) English version added: 1.[?Initial report sent] >Lambrion March 5, 2020, 15:07 > > Hi, > this IP is used to spread malware. > ☣ 217.8.117.76/yesis.exe > ☣ 217.8.117.76/tools/ports/apps/login.php > > Hi, this IP is used to distribute malware. [⬆First message] [?Reply recieved] Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom 'GRANDCOSMETIC' - Technical Department <abuse@grandcosmetic2.ru> March 5, 2020, 18:09 Hello. Have you been affected by this malware? - Sincerely. Technical Department - Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom GRANDCOSMETIC. [⬆First reply] 2.[?Report reply sent] Lambrion March 5, 2020, 15:25 > Hello > I am a malware hunter and phishing lover. I am not a victim. > I report fraud to the authorities and relevant persons (hosting, domain registrar, etc.) > My data is safe. > I hate hackers. > I hope for your cooperation. > Thanks for the quick reply! [⬆Second message] [?Reply recieved] Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom 'GRANDCOSMETIC' - Technical Department <abuse@grandcosmetic2.ru> March 5, 2020, 18:31 Thank you, we took note of your answer. - Sincerely. Technical Department - Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom GRANDCOSMETIC. [⬆Second reply] 3.[?Report reply sent] Lambrion March 6, 2020, 4:13 > Hello > Thanks for deleting the executable file (remcos RAT). > > However, the communication of the control and control center is still alive (amadey) > > curl -o / dev / null -s -w "% {http_code} \ n" 217.8.117.76/tools/ports/apps/login.php > 200 > > In your jurisdiction again there are two fake sites that impersonate Ripple and Stellara. > > Who controls the security of this IP address (why are there so many fraudulent activities?) > > What is Grand Cosmetics? Do you have an office where I could visit? [⬆Third message] [?Reply recieved] Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom 'GRANDCOSMETIC' - Technical Department <abuse@grandcosmetic2.ru> March 6, 2020, 8:01 Hello. In accordance with federal law, you can leave us an appeal in electronic form. To do this, compose a letter in PDF form with a standard request header. Be sure to include your name, passport number and return address for the answer. Our legal department will send you an official response to the request in paper form. P.S. Your Russian is "wonderful!". - Sincerely. Technical Department - Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom GRANDCOSMETIC. [⬆Third reply] 4.[?Report reply sent] Lambrion March 6, 2020, 5:21 > Hello > > Thank you very much for the quick reply. > Excuse me, Russian is not my native language. And my language skills are not the topic. > > When I try to open a website for grand cosmetics, nothing happens. > I was curious what is the nature and purpose of this website? (other than serving malware) > > I do not have a full name, I am not a citizen of Russia. > > Regards, > Lambrion [⬆fouth message] [?Reply recieved] Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom 'GRANDCOSMETIC' - Technical Department <abuse@grandcosmetic2.ru> March 6, 2020, 15:49 If you are not a citizen of the Russian Federation, then why write to mail.ru. This mail is mainly used only by citizens of the Russian Federation. - Sincerely. Technical Department - Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom GRANDCOSMETIC. [⬆fouth reply] 5.[?Report reply sent] Lambrion March 6, 2020, 16:13 > Hello > > Who can and cannot use mail.ru does not concern our conversation! > (If you read the user agreement, you will see that mail.ru is available worldwide.) > In any case, this is not your concern! > Why do you ask me inappropriate questions and shy away from a real problem? > > 1 What is Grand Cosmetics? > 2 Why is a network in your jurisdiction a cesspool, fraud and phishing? > 3 Does Grand Cosmetic even have an office, phone, employees, or an imaginary sock-puppet registered only for online crime? > > Try to answer them and not have a conversation in the relevant areas. > > Regards, > Lambrion [⬆fifth message] [?Reply recieved] Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom 'GRANDCOSMETIC' - Technical Department <abuse@grandcosmetic2.ru> March 6, 2020, 19:21 Hi, Why don't you go to hell and dodge the real problem? Or do Bulgarians understand poorly? Your IP is clearly visible. For all 3 questions you need to go fuck yourself - there you will find all the answers. - Sincerely. Technical Department - Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom 'GRANDCOSMETIC' [⬆fifth reply] 6.[?Report reply sent] Lambrion March 6, 2020, 16:38 > Hello > > Thank you for confirming my assumption that you are a cybercriminal. > Do you think Russia is a wild west? > > Without respect, > Lambrion [⬆sixst message] [?Reply recieved] Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom 'GRANDCOSMETIC' - Technical Department <abuse@grandcosmetic2.ru> March 6, 2020, 19:40 Hey. Thank you for contacting. Fuck you on the side of Bulgaria - if you haven’t understood yet. - Sincerely. Technical Department - Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom GRANDCOSMETIC. [⬆sixst reply] 7.[?Report reply sent] >Re: Remcos rat - amaday c2 217.8.117.76 > Lambrion > Yesterday, 20:01 > To: Obshhestvo Ogranichennoj Otvetstvennosti Torgoviy Dom 'GRANDCOSMETIC' - Technical Department > Hey > Easy on swear words. it makes you look like a weak screaming baby. > > A criminal case may be instituted on the basis of the corpus delicti provided for in Art. 272 and Art. 158 of the Criminal Code of the Russian republic. > > Lambrion [⬆last message] -------------------------------------------------------------------------------------------------------------------------------------------- Re[2]: remcos rat - amaday c2 217.8.117.76 Lambrion Вчера, 20:01 Кому: Торговый дом ГРАДКОСМЕТИК - Технический отдел Хей, Легко на ругательствах. это делает тебя похожим на слабого кричащего ребенка. Уголовное дело может быть возбуждено на основании состава преступления, предусмотренного ст. 272 и ст. 158 УК РФ. Ламбрион Delivered-To: urm@mail.ru Return-path: <abuse@grandcosmetic2.ru> Authentication-Results: mxs.mail.ru; spf=pass (mx290.i.mail.ru: domain of grandcosmetic2.ru designates 31.31.198.59 as permitted sender) smtp.mailfrom=abuse@grandcosmetic2.ru smtp.helo=server252.hosting.reg.ru Received-SPF: pass (mx290.i.mail.ru: domain of grandcosmetic2.ru designates 31.31.198.59 as permitted sender) client-ip=31.31.198.59; envelope-from=abuse@grandcosmetic2.ru; helo=server252.hosting.reg.ru; Received: from server252.hosting.reg.ru ([31.31.198.59]:56478) by mx290.i.mail.ru with esmtp (envelope-from <abuse@grandcosmetic2.ru>) id 1jAGxR-0002Hg-Td for urm@mail.ru; Fri, 06 Mar 2020 20:40:22 +0300 Received: from [2620:18c::213] (helo=[0.0.0.0]) by server252.hosting.reg.ru with esmtpa (Exim 4.92.3) (envelope-from <abuse@grandcosmetic2.ru>) id 1jAGxQ-0006xr-QV for urm@mail.ru; Fri, 06 Mar 2020 20:40:21 +0300 Subject: Re: remcos rat - amaday c2 217.8.117.76 To: Lambrion <urm@mail.ru> References: <1583424437.958156533@f543.i.mail.ru> <1583514791.511056217@f427.i.mail.ru> <12e723aa-da7b-b73d-d3a1-48bbaab1d49b@grandcosmetic2.ru> <1583516303.601833114@f468.i.mail.ru> From: =?UTF-8?B?0KLQvtGA0LPQvtCy0YvQuSDQtNC+0Lwg0JPQoNCQ0JTQmtCe0KHQnNCV0KI=?= =?UTF-8?B?0JjQmiAtINCi0LXRhdC90LjRh9C10YHQutC40Lkg0L7RgtC00LXQuw==?= <abuse@grandcosmetic2.ru> Message-ID: <6d3829eb-fe2e-c40f-00d6-e0641241de57@grandcosmetic2.ru> Date: Fri, 6 Mar 2020 17:40:11 +0000 MIME-Version: 1.0 In-Reply-To: <1583516303.601833114@f468.i.mail.ru> Content-Type: multipart/alternative; boundary="------------C0AFA0C5ABD15A08A5D474BE" Content-Language: ru X-6b629377: 1 X-7564579A: B8F34718100C35BD X-77F55803: F5B8231AB9BAF22E892CCD0DCA016AB7D065BFE6A7F09A9C108BE19560300801C21D1426C63EDBABF8FD7B2727D76309DE2B2538A22E64D1 X-7FA49CB5: A9FCD207E66530D8A18204E546F3947C7A515FDF34F84F9C09758206774B3CD2C8A9BA7A39EFB7662E83ADE667D304B3D7494F64F9BEE8B427C277FBC8AE2E8B2F22DFD7D6B35478802C29C4449327C6CC5C424A16BCE87FC740FB2AB57E6C6CA8E2AEA078E063782F22DFD7D6B3547894FF8871F1180B99CC5C424A16BCE87FFBA10D04E2D63E2B7851B713C320A9354CB90F288840EAB77C6AA9E19C22EB2E55B839D036431AF27A7B9548B1944100725E5C173C3A84C3C9CF38C06BD1C8F138D433D53B717345BA69B7DF0B3EA92AC6CDE5D1141D2B1C747F264B7B0ABF2E9E0BCB8028F7DD1FE25A260FD47AB3789FA2833FD35BB23D9E625A9149C048EE9ECD01F8117BC8BEA471835C12D1D9774AD6D5ED66289B524E70A05D1297E1BBF6B57BC7E64490611E7FA7ABCAF51C92A417C69337E82CC2CC7F00164DA146DA6F5DAA56C3B73B239DAA53EE0834AAEE X-C8649E89: BE5A7AB57E2DBE6AE088E4072CB4DF637D902661114B8A02D0ADFAF29BA73986120578E5FA9525869F595CEF8576C34B X-D57D3AED: Y8kq8+OzVoxvgW9Op3aR8JIWkI04tNS9G0g+gzS0PKeJDOBrL//rLYldd2avYxhfs9M+DuXTOBSH/SnnzuO3ddisQ15P6iVseqrIhHPnkjzGnNmEoRQLmQ== X-F696D7D5: 6M4XxogNP2yIlFphNMH5458tG9yKbr12PTDSybm6b9rglJpyBuU9Lw== X-Mras: Ok X-Spam: undefined X-Mailru-Intl-Transport: d,84f2145 Торговый дом ГРАДКОСМЕТИК - Технический отдел <abuse@grandcosmetic2.ru>6 марта 2020, 19:40 Привет. Спасибо за обращение. Нахуй это в стороне Болгарии - если вы еще не поняли. -- С уважением. Технический отдел - Торговый дом ГРАНДКОСМЕТИК. ОБЩЕСТВО С ОГРАНИЧЕННОЙ ОТВЕТСТВЕННОСТЬЮ "ТОРГОВЫЙ ДОМ "ГРАНДКОСМЕТИК" Действующая организация ОГРН 1165275048685 от 22 сентября 2016 г. ИНН/КПП 5261107660 525901001 Дата регистрации 22.09.2016 Уставный капитал 100 000 руб. Все реквизиты (ФНС / ПФР / ФСС / РОССТАТ) Юридический адрес 603148, Нижегородская область, город Нижний Новгород, улица Чаадаева, дом 44а, пом 4 кабинет 12 Руководитель Генеральный директор Бараненков Антон Геннадьевич с 22 сентября 2016 г. Основной вид деятельности Торговля оптовая парфюмерными и косметическими товарами (46.45) Все виды деятельности (16) Налоговый орган Инспекция ФНС России по Московскому району г.Нижнего Новгорода с 31 мая 2017 г. Коды статистики ОКПО 04693862 ОКАТО 22401370000 ОКОГУ 4210014 ОКТМО 22701000001

Hello @Chequers, Thank you for replying👌 I added an image to my previous reply, you were too quick for me😉 Regarding “how can I connect to some sites, which keep showing up in German, or saying I can’t purchase from them, because they don’t ship to Germany?” Is it necessary to use a VPN to connect to the sites? Please provide me with a couple of site names to allow me to test & work out the best solution for you? Additional free Kaspersky Secure Connection information: The daily data allowance is 200mb, if a one time connection is made to (your) MyKaspersky account the daily data allowance increases to 300mb daily. The free Kaspersky Secure Connection has no Technical Support. The free Kaspersky Secure Connection may have “promotional” (a fluffy word for advertising) & informational material. The free Kaspersky Secure Connection has no “switch” to select to choose not to receive promotional & informational material. Please let me know? Thank you🙏 Flood🐳 Resources: What is Kaspersky Secure Connection About Kaspersky Secure Connection Kaspersky Secure Connection: available versions and subscription options

I have a question regarding Kaspersky Total Security. I have been trying to play a Steam game called Resident Evil 4, aka Biohazard 4. I noticed that when I launch this game and try to play my Kaspersky usage in my task manager goes to 27% and stays around 24-28%. I don’t think that this is normal but I could also be wrong. I have gone throuth the check lists of having “Idle Scan” set to off as well as “release resources to the operating system when computer starts”. As well as “Search for system malicious programs in system rootkits”, so far nothing has changed the Kaspersky usage. I also, by default have “gaming mode” set to on. Besides this, I think the only thing I can do is play with Kaspersky set to off. I recently did a new reformat of my SSD of which my OS is installed on, Windows 10 (64Bit), I have Kaspersky installed on my main SSD and my games from Steam installed on a different SSD. For my computer I have a, 4770k non OC, a GTX 1080, and 32Gigs of RAM on a 4k TV. I have HDR off and for this game I set the native resolution to 1080p. Am I doing something wrong?

Flood , thanks for your input here , here is one more for you :-) If a Rootkit is not in: system memory, boot sectors of the disk, and objects loaded at operating system startup it will not be found by a Quick scan So I understand that a Rootkit can be located in the computer but not necessarily in system memory, boot sectors of the disk, and objects loaded at operating system startup ? Hence the need for regular Rootkit scan Am I right ? So if its the case , and if rootkit scan , scan the very same thing than Quick scan but only deeper to find hidden Rootkit then….. who needs a scheduled quick scan when one have the rootkit scan that is taking care of everything on a daily basis while using less ressources ?

Hello @homer1959, To add to the “discussion”: What is a rootkit and how to remove it - Serge Malenkovich Rootkits may be found in any of the following: System memory, boot sectors of the disk, and objects loaded at operating system startup. Kaspersky Security Cloud Quick scan scans the system memory, boot sectors of the disk, and objects loaded at operating system startup. If a Rootkit is not in: system memory, boot sectors of the disk, and objects loaded at operating system startup it will not be found by a Quick scan. (imo) these valuable discussions always add to broader understanding of Kaspesky’s products, features & functions. Thank you🙏 Flood🐳

Nexon , I was ok with your post up to the last sentence… 😉 apparently quick and rootkit scan ARE the same , but not processed the same way . For what I understood the rootkit scan is a quick scan but with the portion rootkit done at a lower speed using less ressources while the quick scan portion is done normally , both are happening at the same time … well thats what I understood

Rootkit scan štarte Every Day and checking critical plces where should be hidden rootkits. I enable it and checking Everyday 8 minute scaning few tousend files 8000... For safety Let it enabled. Full scan and Quick scan are different scan.

Dennis , thanks for the link … so for what I understood from Yuri is that KSC gave us the option of scheduled quick scan but the protection would be the same with or without . So if we just install KSC as is , and forget about the scheduling option or else we are fully protected and most of the options are redundancy of what is already running automatically behind the scene . Looks a lot like the approach choosen by Bitdefender free . Install and forget . KSC also let us choose install and forget but also left few options for us to play with however the more I read about it the more I am encline to just return KSC to default setting ( adding only a full scan a month ) and forget about it , like I was doing with Bitdefender free when I tried it … Need to say that I came back to KSC form Bit free and that I am satisfied with KSC not that I feel much more secure , but I like the fact that KSC let us know what is happening behind the scene , something lacking badly with Bit free. Thanks KSC for this free and excellent product

Hello @homer1959, Welcome! Personal choice plays a role here, Quickscans & Rootkit scans are different. Quick scans, scan objects loaded at the startup of the operating system, System memory and Disk boot sectors. Some people believe Rootkit Scans affect performance, other people do not have the same concerns. Rootkit scans cannot be managed via the Kaspersky Security Cloud Scan feature/interface, to enable or disable Rootkit scans, Search for software that is intended to conceal traces of a malicious program in the system (rootkits) is enabled or disabled depending on your requirements. The Search for software that is intended to conceal traces of a malicious program in the system (rootkits) check box enables / disables regular scanning of the operating system for rootkits in background mode. If this check box is cleared, Kaspersky Security Cloud does not perform regular rootkit scans. Kaspersky Security Cloud provides comprehensive realtime protection, as well as the option to use: Full Scan Quick Scan Selective Scan External Device Scan Rootkit Scan Idle Scan Advanced Disinfection Thank you🙏 Flood🐳 Resources: Kaspersky Security Cloud Scan & Kaspersky Security Cloud Quick Scan

Hi, I’ve read somewhere that I dont really need to schedule a daily quick scan to increase my computer security if Kaspersky cloud free is doing a Rootkit scan everyday by default , is it true ? Thanks

Hello im using kaspersky endpoint security , I habe just upgraded my application and deployed to pc s but now the pc s are unusable due to kaspersky has blocked the keyboard and I cant press control alt delete. Can anyone help me please

Hello @Burn4U2077, Welcome! Please provide more information so we understand the issue (for you) please? Please export the KIS, All events, 7days Report, save as a .txt file & attach📎 to your reply? For clarification: If “it’s” a new Chrome feature it’s out of scope for Kaspersky. The Log non-critical events, is not a scan, it is part of a trouble shooting procedure, suggested to @MDT, to assist them resolve the issue they were trying to resolve. Kaspersky’s documented advice: Scanning files in OneDrive cloud storage In Windows 10 RS3 or later, Kaspersky Internet Security does not scan files in OneDrive cloud storage. If the application detects such files during a scan, it shows a notification stating that the files in cloud storage were not scanned. The following components do not scan files in OneDrive cloud storage: Full Scan Selective Scan Quick Scan Background Scan The report on the operation of Kaspersky Internet Security contains a list of files in OneDrive cloud storage that were skipped during scan. Files downloaded from OneDrive cloud storage to a local computer are scanned by real-time protection components. If a file scan was postponed and the file has been uploaded back to OneDrive cloud storage before the scan is started, this file may be skipped during a scan. When running applications and scripts, the Application Control and System Watcher components download applications from the OneDrive cloud storage to the local computer to scan. Thank you🙏 Flood🐳

@Schulte Hello, Thank you for your quick response to my post. I have tried this but unfortunately it did not help. Thank you.