Search the Community

I got a notification around 2.55pm today (20 Nov 2024) from Kaspersky saying malicious object detected: HEUR:Trojan.Multi.Misslink.a I clicked on it too clickly and was not able to check what the detection item actually was, to diagnose where it came from. Here are the 3 logs for disinfection: How or what can I check or use to determine the source of this registry key that was so threatening? I want to know what malicious launch activity it was doing while disguising itself with Run:Steam.

Autorenewal failed because my credit card expired. I cannot find anywhere to supply new card details. When I 'retry' card, and enter new details there, I get an error. How do I fix this?

Hello @RDB, Welcome back! Doesn't happen for us - image 1, not *forced* to use SK: after *manually* starting SK, SK works with expedia, image 2 Please tell us: *which* computer OS version & build, Windows Search, type WINVER, open the WINVER app & post back the information OR macOS, read: Find the name and version number of a Kaspersky application? Which Secure keyboard input options are selected - image 3? Does adding an exclusion help - image 4? Try another browser or try the browser in Incognito / Private mode? Restore browser settings to the original defaults -> chrome://settings/reset & recheck? In Kaspersky Reports, Safe browsing - are there any Expedia errors? IF the issue persists -> log a request with Kaspersky Customer Service - https://support.kaspersky.com/b2c#contacts, on the support page, select either Email or Chat, then fill in the template as shown; please include a *detailed history*, include screen-prints & OR video IF they show the issue: *Also - IF using Chat - ask the operator to email (you) a copy of the chat transcript *before* ending the chat - otherwise (you'll) have no record of the chat* Thank you? Flood?+?

Hello @jawckey, Welcome! In Safe Money settings - make sure *all* settings are as shown in image 1, especially Run Protected Browser & To proceed to websites from the Safe Money window, use Default browser In the actual Safe Money browser (you) may wish to add shortcuts for the websites (you) commonly use - image 2 In Safe Money websites, again, (you) may wish to build a list of websites (you) commonly use - image 3 Using these - we - can use the Safe Money browser without it 'spawning' new tabs, once it's running - we simply go to the Chrome search field OR the URL field & type in our required www & it goes directly to the site OR - if our search is generic - a list of potential sites - but no spawning of new tabs without opening a www. *Also* - at "when I restart my windows 11 desktop, I launch a normal chrome window." - why not *launch Safe Money browser* right from this starting point - either from Safe Money shortcut (on desktop) OR from Safe Money websites - in the Kaspersky application? & (ioo) - "restarting the desktop" is an extreme measure - kill the Safe Money Chrome browser - via Windows Task manager Any issues or concerns please post back? Thank you? Flood?+? Resources: Read: Safe Money Safe Money settings

The Evolution of Cybersecurity: A Look at Emerging Threats and Solutions In today’s interconnected digital world, the cybersecurity landscape is in a constant state of flux. As technology evolves, so do the tactics and tools of malicious actors. At Kaspersky, Threat Research teams are at the forefront of identifying and combating these emerging challenges, offering insights that help individuals and organizations stay ahead of the curve. Here’s a deep dive into the latest trends and how businesses can bolster their defenses against the threats of tomorrow. 1. The Rise of AI-Driven Cyberattacks Artificial Intelligence (AI) is no longer just a tool for defenders; cybercriminals are leveraging it to automate attacks, develop polymorphic malware, and evade traditional detection mechanisms. AI-powered tools are being used to: Create highly personalized phishing campaigns using real-time data. Generate malware capable of adapting its code to bypass security solutions. Launch Distributed Denial of Service (DDoS) attacks with unprecedented precision. What You Can Do: Adopt AI-powered cybersecurity solutions that can analyze patterns and adapt defenses dynamically. Behavioral analysis tools, such as Kaspersky Endpoint Detection and Response (EDR), are crucial in detecting anomalous activities early. 2. Supply Chain Attacks on the Rise Supply chain attacks continue to grow in complexity. Attackers target third-party software providers or infrastructure to infiltrate larger organizations. Recent studies by Kaspersky Threat Research indicate a 30% increase in such incidents in 2024 alone. Key Examples: Compromising trusted software updates (e.g., the SolarWinds incident). Infiltrating critical cloud service providers to gain broader access. Defense Strategy: Regularly audit the cybersecurity practices of your third-party vendors. Use solutions like Kaspersky Endpoint Security for Business, which monitors software behavior across your network to flag suspicious activities. 3. Cybercriminals Target IoT Devices The Internet of Things (IoT) is becoming a favorite target for attackers due to weak security configurations and inconsistent patching. In 2024, over 1 billion IoT devices were exposed to vulnerabilities like default passwords or outdated firmware. Common Targets Include: Smart home devices (e.g., cameras, thermostats). Industrial IoT (IIoT) used in manufacturing and logistics. Mitigation Tips: Segment your network to isolate IoT devices from critical systems. Use secure gateways or hardware that integrates with IoT security platforms like Kaspersky IoT Secure Gateway. 4. The Weaponization of Generative AI Generative AI tools like ChatGPT and MidJourney are now being used by cybercriminals to automate social engineering. These tools can create convincing phishing emails, fake news articles, and even fraudulent documents in seconds. Recent Trends: Kaspersky researchers uncovered phishing kits leveraging AI to mimic corporate branding with near-perfect accuracy, leading to a significant uptick in Business Email Compromise (BEC) scams. Countermeasure: Educate employees about identifying phishing attempts. Combine training with email security solutions that use AI to spot malicious content in real-time. 5. Quantum Computing: A Double-Edged Sword While quantum computing holds promise for breakthroughs in cryptography, it also poses a significant risk. Quantum machines can potentially break traditional encryption algorithms, threatening the security of sensitive data. Future-Proofing Your Data: Transition to quantum-resistant encryption algorithms. Stay informed about the latest standards, such as those from the National Institute of Standards and Technology (NIST). 6. Zero-Day Exploits and Vulnerability Markets Zero-day exploits remain a lucrative market for attackers. These are vulnerabilities unknown to the vendor, allowing attackers to exploit systems without detection. In 2024, Kaspersky researchers identified a new wave of zero-day attacks targeting critical infrastructure. How to Protect Your Systems: Implement multi-layered security solutions, including virtual patching. Regularly update software and firmware across all devices. Conclusion: Staying Resilient in a Dynamic Threat Landscape The cybersecurity battlefield is shifting rapidly, but the tools and strategies for defense are evolving as well. Staying informed about emerging threats is the first step toward resilience. Solutions like Kaspersky Threat Intelligence Services and Kaspersky EDR are designed to provide proactive defense capabilities, helping organizations mitigate risks before they escalate. As we move further into 2024-25, a proactive approach to cybersecurity—one that combines robust technology with informed human oversight—will be key to staying ahead of adversaries. Stay secure, stay vigilant.

Hello @Surfrat, Welcome back! Yes, you can choose how to open On-Screen Keyboard: Open On-Screen Keyboard by pressing CTRL+ALT+SHIFT+P. Show On-Screen Keyboard quick launch icon in data entry fields. The On-Screen Keyboard quick launch icon is displayed in the password input fields on web pages.Click the Edit categories link to open the Categories window. In this window, you can specify on which websites the On-Screen Keyboard quick launch icon for On-Screen Keyboard should be displayed. Click the Manage exclusions link in the Categories window to create lists of websites on which you want to enable or disable display of the On-Screen Keyboard quick launch icon irrespective of the selected website categories. You can use masks when adding exclusions. Resources: About protection of data entered on the computer keyboard About On-Screen Keyboard Thank you🙏 Flood🐳+🐋

Dear Support Team, Please I have my website https://www.cilico.com/ and https://new.cilico.com which does not have a Phishing now. I totally cleaned it but Kaspersky keeps flagging my domain and subdomain as dangerous. This scan shows that no threats were detected in our files, further indicating that these detections are likely false positives. ClamAV Scan Results: However, these domains are still flagged, and our newly developed temporary domain, new.cilico.com, which is scheduled for an upcoming launch, has also been flagged. Kindly reanalyze for me. Help me remove the blacklist. Thank you very much!

Hello DedoP, Welcome! 1. There is no interface language change Setting, (you) need to download & install - Kaspersky Plus - English version - from Kaspersky's Global website, using this link: Kaspersky Plus for Windows® 2. Please follow these images & the read the documentation: Protecting personal data on the Internet About protection of personal data on the Internet About On-Screen Keyboard How to open On-Screen Keyboard How to configure the display of the On-Screen Keyboard icon About protection of data entered on the computer keyboard How to configure protection of data entered on the computer keyboard Any questions or issues, please post back? Thank you? Flood?+?

My Windows 11 device is currently suffering from a problem that makes Explorer to launch extremely slowly and making the context menu almost unusable. The symptom looks like Explorer is taking forever to load Kaspersky's context menu. Uninstalling Kaspersky solved the issue and re-installing it can reproduce the problem. The context menu looks like this if Kaspersky is installed ("正在加载..." means Loading...) When trying to show more options, Explorer will become unresponsive and must be killed using Task Manager. If you wait long enough, the context menu will eventually load. The version of Kaspersky Plus is 21.19.7.527(a). I didn't experience this problem before yesterday, and I haven't downloaded/installed any new software during this time. I checked all other context menu entries and tried to uninstall them, but it seems like it's Kaspersky that is causing the issue. Disabling Kaspersky has no effects, it must be uninstalled for Explorer to function properly again. The last Windows Update is on 10/26 and the patch is KB5044384. I've been using Kaspersky for years and never experienced problems like this. But I think I'll just uninstall Kaspersky for my PC to handle my work properly.

Heyo. I just wanted to add that I have personally have been using kaspersky for years. I have also tested out eset and other AV's but none of them came close to kaspesky's protection. I love kaspersky security software and will be keeping to them. I personally use the Kaspersky Prem. Never have had malware on my PC since. What made me change, is because I used to use AVG, eset, bit defender, quick heal, and a few others (NOT at the same time). Every time I got malware, they did crap all to help remove it. Change to kaspersky. It made sure that my PC was clean befor installing it. And boom nothing since.

Hello @Leo24 To investigate which process or application loaded this DLL and triggered the error, examining the Windows Event Logs and Process Monitor can be very effective. Here’s a step-by-step guide to help you track down the source of the load error: Step 1: Check the Windows Event Viewer The Event Viewer can reveal system or application errors related to DLL loading issues. Open Event Viewer: Press Win + R, type eventvwr, and press Enter. Navigate to System and Application Logs: In the left pane, expand Windows Logs and select System. Look for Error or Warning events that occurred around the same time as the DLL load error. Similarly, check under Application for any error entries related to DLL loading or system issues. Filter Event Logs: You can filter the logs to make it easier to find specific events. Right-click System or Application logs, select Filter Current Log…, and filter by Event level (select "Error" and "Warning") and the time range you suspect. Look for events with ID 1000 (Application Error) or ID 7000 (Service Control Manager). These may indicate specific errors related to failed DLL loads. Analyze the Event Details: Click on any relevant event and review its General and Details tabs. Note any filenames, process names, or paths related to the load error. Step 2: Use Process Monitor to Track DLL Loads Process Monitor (from Sysinternals) is invaluable for tracking file activity and pinpointing which process tried to load the DLL. Download and Launch Process Monitor: You can download Process Monitor from the Microsoft Sysinternals site. Run it as an administrator for full access to system events. Set a Filter for the DLL File: In Process Monitor, go to Filter > Filter…. Add a filter for Path that contains the name of the DLL (e.g., kernel32.dll). Click Add, then OK to apply the filter. Reproduce the Load Error: Try to reproduce the scenario that triggers the load error if possible. Process Monitor will capture the events related to this DLL. If the load error appears randomly, you can simply let Process Monitor run in the background while observing for the error. Analyze the Process Monitor Logs: Look for entries related to the DLL in question. Check the Process Name and PID (Process ID) to identify which application or service was attempting to load the DLL. Examine the Result and Details columns, especially for any entries marked with Path Not Found, File Not Found, or Access Denied errors. Investigate the Process Details: Once you have identified the process triggering the load error, you can investigate further by: Checking if this process has known issues with dependencies or compatibility on Windows 7. Verifying if updates or reinstallation are available for this application. Step 3: Review System Startup and Autoruns If the DLL load error occurs during startup, it may be linked to startup programs or services. Use Autoruns (Sysinternals Tool): Download and run Autoruns. Go to the Everything tab and search for entries related to the DLL or the process name. Disable any non-essential entries that reference the DLL, restart your computer, and see if the error persists. Summary These tools—Event Viewer, Process Monitor, and Autoruns—can give you a clearer picture of the process triggering the load error. Let me know if you discover any specifics, and I can help further analyze the findings. Thank you

Thanks all of you for your quick response. Please find attached screenshots.

Hello @Killeriguana, Thank you for posting back, the information & the image👌 We contacted support, they said: The quick launch icon in the data entry field is referring to the tiny keyboard icon (number 1 in our image), where you may click and open the On-Screen Keyboard. If you uncheck “Show quick launch icon in data entry fields” option, the tiny keyboard icon will not show. Support went on to say: We (Kaspersky) do not have an option to turn off the pop-up (number 2 in our image), if the Secure Keyboard is turned on in the background. All you can do is to close (click x) the pop-up notice. That's the only way you can make the pop-up disappear as this is a feature by design. We asked: Don't you think, if *Show quick launch icon in data entry fields* is unchecked & the tiny keyboard icon is *no longer visible*, it would make sense that the Secure keyboard input is enabled pop-up would also not show? Isn't that commonsense? Support said: That's two different things. On-Screen Keyboard allows users to use the on-screen keyboard to type without using a physical keyboard. Secure Data Input is a protection feature that prevents keylogging applications to capture keystrokes. As I said before, we do not have the option to make the pop-up disappear. The user can just close the prompt and that's it. I will suggest this feedback to our team. Note, (ioe) “suggestions” don’t get very far in the Kaspersky bubble; they appear to dedicate a lot of resources to implementing cosmetic changes, not fixing things that would help their subscribers? Thank you🙏 Flood🐳+🐋

Gracias, Harlan! Reporto que hice el scan. En adelante voy a hacer el quick scan modificado que recomiendas, pero esta vez le quise hacer el Full Scan para comparar 1:1 los resultados con el scan anterior, que por cierto se tardó dos horas menos ahora y escaneó menos archivos (???)... Me siguen saliendo archivos dañados... No sé qué hacer, si los ignoro o no. (Aunque después del chkdsk de la semana pasada, volvió a suceder el crash de este lunes... entonces no sé si va a volver a pasar) Otras dudas: ¿El chkdsk no debería haber borrado los dañados? Los que pude encontrar parecen ser los mismos detectados la vez pasada. Y eso de C:\Recovery\ es una carpeta que ni habilitando ver objetos escondidos encuentro [quería ver la fecha de modificación de los archivos... los otros que sí encontré tienen fecha de modificación del 25 de nov (antes del Full Scan anterior) o 27 de noviembre (horas después del Full Scan anterior) (ambos casos archivos de Edge) .... y uno tiene fecha del 2018 (un juego preinstalado que nunca usé; la computadora es del 2019)] ¿Le hago un System Restore (que me borraría un mes de actualizaciones, incluyendo Kasp y las de Windows) o mejor no? Ya esta semana tengo que volver a hacer Windows Update (los hago un mes retrasados para evitar los bugs lo más posible) y se me acaba el tiempo y parece que no logro sanear esto...

Personalmente, yo no hago Full Scans, son innecesarios en mi opinión, solo corro Quick Scans, añadiendo en el Scope, las carpetas:

• Actually, it was recommended > Speed up your PC > Quick Startup > Disable autorun of rarely used apps to speedup your computer's startup... Encompassing - Wondershare App... • Concerning Internet drop-outs issue, 28 episodes from 01-Oct-24 to 08-Nov-24 were depicted for you on 09-11-24. Such as: Warning 08-Nov-24 15:26:24 Event 27, e1dexpress Intel(R) Ethernet Connection I218-LM Network link is disconnected.

My computer is running Windows 11 23H2 22631.3155 Professional (x64) and has Kaspersky Internet Security 21.3.10.391 (patch k) installed. After a quick scan of kaspersky, I restarted my computer but failed with a bluescreen. It said the OS ran into some problem and the error code was INACCESSIBLE_BOOT_DEVICE. After a forced reboot, the same bluescreen appeared again. I tried Windows boot repaire but it didn't work. I couldn't start the computer until I disabled the Early-Launch-AntiMalware on the boot option menu, which resulted in KIS not loaded. I thought the bluescreen must have something to do with KIS. To prevent rootkits and other unknown drivers from being loaded when the system boots, just after I had installed my OS, I turned on the Boot-Start Driver Initialisation Policy in Group Policy and set the policy to only allow "good" drivers to be initialised. I changed the policy to allow "good and unknown" drivers and restarted the computer, there was no bluescreen and KIS started normally like before. I changed the policy back to only allow "good" drivers and restarted the computer, the bluescreen came again. Just before this bluescreen accident happened, I updated database of KIS, and I ran a quick scan (NOTHING detected). I installed Qt 6.5.3 several days ago, but nothing went wrong these days. Even earlier, I installed a driver for Lenovo Hotkey on Lenovo System Update, which is an official driver updater and the installation was fully monitored by Kaspersky Internet Security. I think the problem may be due to KIS incorrectly classifying some important driver to be unknown during the ELAM stage. But I could not find anything about it: no related event logged, no KIS report and even no dump file for the bluescreen. The compromise in ELAM policy is just a workaround. Could anyone give more help?

Hi, I was just checking my Kaspersky license(s) the I noticed that notice(s) and notifications in notification area (bell icon) is in another language. For example, when My Kaspersky just opened (by clicking menu from Kaspersky Standard > Profile) there are two notices. One saying I have to authorize first to access My Kaspersky, the other one is about Kaspersky PURE license isn't being used but in Spanish (notifications area also in Spanish). After a refresh, the notice and notifications area changed to French. screenshots attached All other element(s) still in English and the site is set to English (I even re-set it to English) How and why did this happen? My laptop region and language setting is English (Indonesia). Installed keyboard layout are English (active) and Japanese (inactive)

Thank you for your extremely quick reply - it is very appreciated. That's interesting and good to know! Thank you again; I like to keep track of updates.

I purchased kaspersky total internet security few weeks ago. I did this because I was going to do a clean reinstall of windows ten pro on a laptop and want more security. I did the clean reinstall and installed kaspersky total and it was good. Now just recently, my keyboard when entering into the address bar of firefox, chrome and even edge does not work. I did install the kaspersky extension for weeks ago for each of these browsers. I mainly been using firefox because I read its the safest browser. The thing is for some reason, keys like pageup, pagedown, backspace, enter, Caps Lock, ` and several of the function keys seem to work on the keyboard. And by keyboard, im talking about the laptop keyboard and also an external keyboard connected via usb. I use this laptop while connected to an external monitor almost always. The weird thing however is… if I am on www.google.com and move my mouse to the search option on google… my keyboard does work. I could type any character. But when I move my mouse anywhere else, whether its the address bar or an application of a program I open, my keyboard does not work. If I do turn on the windows on screen keyboard, well that does work no matter where I type. Now when I turned on the kaspersky on screen keyboard, it seems to work everywhere… except the address bar of firefox/chrome/edge. Also as of now, I have bitlocker enabled and a windows ten password enabled. My concern is if I turn off my laptop or restart it, when it ask me for my bitlocker pin, isn’t that going to be a big issue if my keyboard does not work? Thus I can’t type my pin in? Could you even get the windows on screen keyboard open at the part where it ask your bitlocker pin? I assume not right? So to be on the safe side now, suspend bitlocker and no windows ten password because if I do that… then when I do a restart of my laptop, then it would go to the main screen? I did not even turn off my laptop since yesterday because of this. Also I am traveling abroad so this happening now is very frustrating as I do not have any computer. Can you tell me what is the best advice on this? Is this a kaspersky related issue? It makes no sense why so few keys work on the address bar and some function keys work but none of the letters/numbers work. Yet they work while entering in the google search menu? Is this related to the kaspersky enable keyboard or the kaspersky enabled web browser? Would turning those off make it work? How do you even turn it off? I checked online and the instructions have you going to settings and I don’t even see that when opening kaspersky total security.

Hello, @Leo24 Received, then there is no problem with the file itself, so let's investigate who loaded this file and made the error. We may need to try to find some clues in the Windows logs. We need to get here. Start by pressing the Win + R keys on your keyboard. Second, in the pop-up Run window, type: eventvwr.msc and press Enter. Check the opened System Event Viewer for anything about the kernel32.dll error and see if there is any mention of the process that went wrong. We are waiting for your reply if you find relevant content. Regards.

"Maybe you can tell us which program you run when this error appears" •Please be informed that during download pdf articles, such announcement ..."kernel32.dll ... Entry Point Not Found"... popped up twice on two separate occasions. Also such announcement popped up, while using Pdf Creator, within an attempt to "print" the selected article. Moreover, Acrobat Reader DC version 22.3.20314.0 used to freeze for ~ 10 seconds after file opening. So, it was uninstalled and replaced with the earlier AdbeRdr11010. "whether there is any malicious program activity on your computer" •In fact, Internet drop-outs persisted for some time! Ten minutes after starting Internet session and then variously. As I was about to finish and while checking Wireless Network Connection Status, often interruption occurred. • "You can send a screenshot of the error here" Sadly, I failed to figure it out on my Latitude E5540 (Win 7 Pro), while using Fn + Print Scr keys. Possibly, due to the planned obsolescence by Dell. Consequently, some keyboard keys didn't work, yet the numeric pad numbers functioned OK.

Hello. Thank you for your quick reply. 1 I use Opera and Firefox 2 I don't know how to check if I'm using Incognito / Private mode? but rather not, because I didn't change it. 3 I didn't install anything extra. 4 Yes, the problem repeats. 5 The problem started a week ago. 6 I'm using Windows 11 7 Kaspersky Premium 21.19.7.527 8 Yes

Hello, Please check this article for further details about adding an Applications Launch Control rule : https://support.kaspersky.com/KSWS/11.0.1/en-US/178908.htm

'Report' page column is not saving or updating anymore which includes detailed information regarding viruses scan like 'full/quick/path file or external devices'. Not sure yet about background/rootkit scan since last time it happened was at 3 a.m. And going to wait untill it start 24 hours after. This similar bug happen to occur last month around May 12th and took more than 9 days to Kaspersky acknowledge that existing issue. And I was still studying that proccess and symptoms and wait so others could report this as well. Although back then that bug was only affecting 'background/rootkit scan'. But this happening out of the blue again but instead got to affect all type of scans on report page is one thing to get me annoyed. So I'm making this report as fast as I can so it get fixed as soon as possible. Last known scan was save and it happen to be 18 hours ago and the update pulled a search for at 1:39 a.m. of 06/10. Then at the same day on 7:00 p.m. this bug started. Any action I'd initiate like viruses scans were not properly being saved at report page.