Search the Community

Dear Kaspersky Team, I'm experiencing issues with apphost.exe generated from my .NET project: Details: - Kaspersky Premium: 21.19.7.527(a) - File: apphost.exein Debug folder - Detection: HEUR:Trojan.Win32.Sdum.gen - Project link: https : //3jqlnk-my.sharepoint.com/:u:/g/personal/thjvjpxx_3jqlnk_onmicrosoft_com/EeUA7eEi1R9DttooV4MrKTIBgf2AC8TeRxUtOZeaj1RnkA?e=YoDwwJ - IDE: Visual Studio 2022 - Nuget: OpenTK - v4.8.1 OpenTK.GLControl - v4.0.1 Unofficial.laszip.netstandard - v5.5.2 - Framework: .NET 8.0 This file is automatically generated by .NET SDK during project build. I believe this is a false positive because: 1. File is created by Visual Studio/MSBuild 2. Clean source code 3. All dependencies from official NuGet packages Questions: 1. How to confirm this is a false positive? 2. How to report and resolve this issue? 3. How to prevent similar detections? Thank you for your assistance.

Hello, Does anybody know what HEUR:Trojan.Multi.PBot.gen does? Google search leaves no results. Kasperky found it in system memory and removed it, but how to check are there any traces left? Os: Windows 10 home 22h2 (build 19045) Kaspersky total security 21.3 Note that I have python 3.13 installed (if pbot means pythonbot)

короч, сижу, и вдруг каспер орет что google.exe вирусняк я хз че делать 2 раза было Событие: Обнаружен вредоносный объект Пользователь: я тут не напишу лучше Тип пользователя: Инициатор Имя приложения: chrome.exe Путь к приложению: C:\Program Files\Google\Chrome\Application Компонент: Интернет-защита Описание результата: Обнаружено Тип: Троянское приложение Название: HEUR:Trojan.Script.Generic Точность: Эвристический анализ Степень угрозы: Высокая Тип объекта: Файл Имя объекта: index.php?showtopic=327461 Путь к объекту: https://forum.drweb.com MD5 объекта: 84A15BD1FC9FE77C4192D31DE1604FE9 Причина: Экспертный анализ Дата выпуска баз: Сегодня, 08.11.2024 10:59:00 весь лог жду ответа

Уже несколько недель касперский пытается вылечить троян. После лечения и перезагрузки он находит его снова. Также касперский делал 2 принудительных лечения во время которых у меня недоступны запросы в браузере, какие либо приложения виндовс, и по какой то причине перестаёт работать микрофон в дискорде. Почему то не могу найти в отчётах лечения может я просто слепой.

Boa noite, me chamo gustavo e estou com um problema que está me estressando muito, a um tempo acabai sofrendo com um programa licenciado por um empresa que no fim, mesmo sendo pago era um malware que acabou vazando dados meus e me deixando bem impotente, dai por recomendação de um amigo assinei o plano da Kaspersky plus. realmente não tive mais problemas com isso, mas em contra partida pouco tempo depois percebi que o celular de minha mãe estava com o e-mail dela alterada e varias coisas da própria área de trabalho do celular dela alteradas. Depois de fazer algumas verificações averiguei que sim era um trojan e que ele tinha roubado bastante dados da minha mãe, além de ter trocado varias senhas e ter tentado entrar nas suas contas bancarias. Como não sou muito bom nesse tipo de problema, para evitar ser mais problemático coloquei um anti vírus no celular dela que encontrou o problema e me livrei dele. Contudo um dia depois meu colega de quarto também foi atacado, perdeu varias contas, discord, redes sociais, steam, recuperamos tudo, contudo não entendemos como isso tinha acontecido, resolvemos, mudamos a rede wi-fi, senha e etc, formatamos o roteador e o computador dele, mas hoje ele foi atacado novamente, ainda pior porque perdeu aceso a uma de suas contas bancarias, sua conta salario. Eu realmente não faço ideia o que posso fazer para acabar com esse problema, estou pensando em formatar simplesmente todos os eletrônicos da rede por medida desesperada, mas eu realmente não faço ideia como resolver e gostaria de alguma orientação. Por hora minha maquina está segura, mas não tenho mais nenhuma noite de sono ficando a espreita, olhando cada notificação, cada mudança com medo de perder algo novamente. Uma coisa que gostaria de acrescentar que as senhas que usamos são feitas pelo próprio edge reconhecidas como senhas fortes, não tem ligação nenhuma com nada nosso, não anotamos ela no dispositivo e a única forma dele de fato acessar é de alguma forma controlando nosso computador. Isso está acontecendo a mais o menos 6 dias. O computador dele eu considero que foi o mais vulnerável pq ele tem um costume de deixar ele sempre ligado, e ligado a rede, por isso imagino que o mesmo está ou estivesse na rede wi-fi. Olhamos alguns fórum e temos receio do hacker estar em nivel kernel de algum dispositivo, já que os anti virus não parecem funcionar para o detectar. No primeiro problema, quando meu colega de quarto foi hackeado, entramos no painel de controle e revogamos acesso a rede de praticamente todos os apps, deixando somente acesso ao sistema do win 11 e apps necessários, excluindo acesso a todos os outros para ter acesso a internet.

Hello Kaspersky Team and Community, I've been observing the Kaspersky Cyberthreat Live Map for a while now, and I'm a bit puzzled. While the map highlights significant activity globally, I've noticed that Canada often shows minimal threat data compared to many other countries, even during times when cybersecurity risks seem high worldwide. Given the heightened state of cyber activity, this discrepancy is causing me some concern. Could this be due to certain monitoring constraints specific to Canadian infrastructure, or perhaps an intentional choice in data visualization for regions? If this data gap is indicative of low activity, is there something about Canada's cybersecurity landscape that could explain this? Or, should I be worried that it might signal an oversight or lack of reporting that could impact our national security interests? Looking forward to your insights! Thank you. mato lechat

Hello, I have a pos software which i run for years without any problems.But, these days, the "HEUR:Trojan.Win32.InversedShelma.gen" is detected in the *.exe file and KP try to delete it. Anyone heard about this trojan.I made a search on the google but nothing ! thanks

I tried to explain events via pictures and links. I especially took the screenshots full screen for date and time. Hope it helps. I bought Kaspersky Premium subscription and tested some malwares with it's Real Time Protection feature. I download some samples from known malware sample websites. KP (Kaspersky Premium) is detecting "some" of them while downloading to my computer (i guess because of their HASH'es). BUT i tested some samples which i encountered on the internet and tried to copy to my computer and KP did NOT detect this KNOWN (Virustotal 52/73) malware and other one is KNOWN (Virustotal 48/73) malware. I rescanned these malwares at 21:13 or 21:14 (UTC +3) and still NOT detecting. I am curious is Kaspersky updating their data through Virustotal or NOT? Because first file's first submission date 9 SPT and second file's first submission is 19 AUG. How Kaspersky CAN NOT detect these KNOWN malwares? Can someone (Kaspersky Malware Analysis Team) explain me this situtation? I don't feel safe while using Kaspersky Premium because it doesn't meet my BASIC requirements. If possible may i buy Kaspersky EDR/XDR for home use with low price or big discount? Any help would be appreciated! Thanks in advance. Kind Regards. https://www.virustotal.com/gui/file/020420f20ee32bda982599939e5d4bcffcabd57e22a911f5eeeabf29e4dede7a/detection https://www.virustotal.com/gui/file/d90564f22fc7b04020a55e592056b659edec8e70d9463c77d79bb82bd370fa57/detection

И так я скачал игру(пиратку, не горжусь) и при проверки системы нашло троян. Естественно я сразу подсел на очко(да и щас тоже). Прошел все удаление, перезапуск системы. Но я не уверен что он удалился на 100%, как это можно проверить? прошел быструю проверку ничего не нашло, щас запустил полную. Возможно ли что антивирусник так ошибся и ка точно удалить троян если он остался(мб система не удалило его) Да, мне страшно...

My Kaspersky Premium seems to stuck on removing some malware from my PC. It found 80 issues and I clicked to fix them. I did it few hours ago and the program is still "working". It looks like it stuck. I already restarted the system and nothing changed. Also, the program shows constantly: "Removing these objects requires your decision". It did ask me to make some decisions, which were limited to ignoring some of the issues it found. I did so hoping that maybe I will be able to remove it later by myself.

Recentemente navegando pela Steam encontrei o jogo Visions of Mana e resolvi instalar a demo para jogar. Hoje ao abrir o jogo para minha surpresa o antivirus detectou que havia um vírus nele, fechou o jogo demo antes mesmo de começar e excluiu o arquivo. É até estranho que uma empresa como a Steam permita que esse tipo de coisa aconteça e até denunciei. Mas também, qual seria a possibilidade disso ser apenas um falso positivo?

I started FiveM and suddenly Kaspersky detected something called 'PDM: Trojan.Win32.Generic.' It told me to restart the computer and perform a scan, which I did, but nothing was found; it said the system was clean. However, when I entered FiveM again, the same thing happened. Could you please help me?

While I was using Windows Subsystem for Android(WSA) today, my kaspersky suddenly told me that itwas a trojan and killed it. I don't know what happened but I'm sure that it's a mistake.After that I tried to reinstall WSA for several times, but the same thing happened again and again. And I also found that when I tried to use files on WIndows(not inside the WSA), the same question will happen ,

Bonjour, malgré avoir effectué de nombreux antivirus et formater mon pc, mon adresse mail continue à avoir des activités suspectes à des heures où je dors sur mon pc, je soupçonne donc qu'un virus est encore sur mon pc, le hacker ne touche quasi à rien sauf à mon adresse mail. Bien évidemment cette situation est à cause de moi, j'ai récemment crée et installer un jeu sur itch.io si cela peut aider, (mais aussi sur stg gege)

Hi all, These past couple of days, I have been very confused by Kaspersky notifying me of potential trojans when all I was doing was opening Reddit posts. Kaspersky keeps notifying me of a "malicious object detected" and then a "download denied." Every time, it shows the same virus: HEUR:Exploit.Multi.DrvDos.gen. This has happened three times so far and all three times the posts were on a Windows-related subreddit. I have no idea if that's relevant or not. I am wondering if I should be concerned or if these are all just really weird false positives. I am running Windows 10 Pro 22H2 (Build 19045.4651) and Kaspersky Free 21.17.7.539. I will include a few screenshots of the reports as well: Summary of all of the reports from the past 2 days Detailed descriptions of each event

Hello support team, I want to run the following files on my system but VirusTotal detects threat, however Kaspersky is not showing any threat detection(I am using premium Kasepersky, home edition) I just want to know if these files are safe, let me know if You can confirm this. here are the 4 VirusTotal link files: https://www.virustotal.com/gui/file/f5e6682c44cb73f65d2f349fc651d7c3c78b2e49fa56a765a702a877c8c563d3/detection https://www.virustotal.com/gui/file/ce66ca7f2ede112a03356850594762591dbe62ac083eb989c9e8e58b6138e316/detection https://www.virustotal.com/gui/file/e968563a93f2fcb5690ee2f77ab097c8c757da5bb156dead731048dfa64f008b https://www.virustotal.com/gui/file/0175940ccb7a1cc71c27ea13ee574d7f7d73e58e1d9c48f22ffebc157d9a0b24/detection Also let me know if i can somehow send files to you, everyfile is .exe format Thank You in advance, Best Regards

Hello, I am inserting a USB memory into the PC. When I double click to enter the USB memory, the same place appears again. (As in the 2nd photo) It's like a USB within a USB. When I hover over it with the mouse and wait, an explanation appears. (in the 3rd photo) When I double click to enter, a small error window titled "Windows Script Host" appears as in the 4th photo. So I cannot see or access the contents of the USB. I scan it with Kaspersky Premium, Eset Online and Malware, but it comes up clean. I am adding a photo of the problem. I'll be happy if you can help me.

My SO is Windows 10, KIS version is 21.3.10.391 I installed KIS to search for a virus in my desktop computer, and while it found there's a Trojan affecting the system, once I accepted to run the recommended action to delete it, it got stuck on it, and it's been more than 12 hours and it's still stuck on the task. I don't know how to proceed, if I should uninstall it and try another antivirus, but I would be glad if someone has any advise on how to proceed, or if it has happened to anyone else.

Got absolutely frustrated with my Lenovo Yoga Slim laptop. Everything started to run especially slow one day and even occasional screen freenzes happen. The laptop went over-heated but memory and cpu usage was actually quite low. Couldn't properly load Youtube video in full screen. Everything is lagging hard. I full scanned my laptop using Kaspersky Standard and a malicious objected was detected. It was a kind of Trojan named HEUR:Trojan.Multi.Runner.l But Kaspersky seemed to do absolutely nothing about it. No disinfection, no quarantine, no deletion? And the next time I full scanned it, Kaspersky simplied told me that No threats are found. Please help me. I have got work to do and I have even tried restoring Windows but in vain. Details are as below: Event: Malicious object detected User type: Active user Component: Virus Scan Result: Detected Result description: Detected Type: Trojan Name: HEUR:Trojan.Multi.Runner.l Precision: Exactly Threat level: High Object type: File Object name: powershell.exe Object path: proc:\C:\Windows\System32\WindowsPowerShell\v1.0 Reason: Expert analysis

Windows 10 Домашняя для одного языка, 22H2 Установил wsl ubuntu 22.04 LTS Установил clickhouse по инструкции https:/ / clickhouse.com/docs/ru/getting-started/install Сразу же Касперский начал ругаться на бинарник clickhouse и удалил все все конфиги .xml Кто сталкивался с проблемой? Это ошибка Касперского или в ClickHouse завёлся троян? В свете найденного бэкдора в xz возможен второй вариант

事件: 检测到恶意对象 应用程序: Clash Verge.exe 用户类型: 发起者 组件: 系统监控 结果说明: 检测到 类型: 木马 名称: PDM:Trojan.Win32.Generic 威胁级别: 高 对象类型: 进程 对象路径: D:\Program Files\Clash Verge 对象名称: Clash Verge.exe 原因: 行为分析 数据库发布日期: 今天，2024/4/30 下午6:34:00 MD5: FBFFDC90C81E29CA3826BD1D642D26F6 软件来源https://github.com/clash-verge-rev/clash-verge-rev/releases/tag/v1.6.0

Здравствуйте. Зашёл в отчеты посмотреть как там Касперский поживает и обнаружил записи что объект не обработан и ссылка на файл globalroot. Стало интересно что это такое. После того как в гугле вбил это название Касперский начал ругаться на скачку вредоносный объект. Пока не закрыл окно поиска попытки скачать не прекращались. Проверил систему полной проверкой , вроде все чисто. Что это может быть и чем грозит ? Windows 11 kaspersky Total Security версия 21.3.10.391 базы от 21.04

Hello, I am trying to connect to the ERD Architect Data Modeler website (it is "erdarchitect.com" and is an https site but for obvious reasons I am not putting the full URL here in this note) and Kaspersky keeps indicating that there is a dangerous object trying to download. This object is the Heur:Trojan.script.generic trojan. This occurs in both Firefox and Brave browsers which would be expected. I understand that it is possible the site is in fact infected but I would like to confirm. I recall reading on the Kaspersky site about providing the same information as above in another area of the site so it can be reviewed. Unfortunately, I cannot recall where this is to submit this. I have also included screenshots as well. Can someone direct me to this area so I can see if it is in fact an issue or a false positive? Thank you

Обнаружен в памяти компьютера, как убрать? Лечение с перезагрузкой не помогает.

This morning an official banking app was detect a Trojan, which is that possible? App was update in Play store, Samsung s24 ultral, and Android 14, and oneui6. 1