Jump to content

AMSI report shows high threat detected in red and data sent to third party in yellow, but 3 full scans by three different programs did not find a threat.


Recommended Posts

Windows 10, version 21H1 (OS Build 19043.1237); Kaspersky application version  I’ve attached the AMIS scan report.  I ran a full virus scan user Microsoft Defender, Kaspersky, and ESET online.  No threats were detected.

Last week I downloaded a file that caused havok.  Kaspersky was continuously blocking messages attempting to be sent.  I used ESET to find the threats and neutralize them.  Today was the first day I was able to get back to the computer and I found that Kaspersky could not be opened.  I reloaded Kaspersky and saw the attached report. 

Should I wipe my computer and reload, or is this message not really a problem?

Link to comment
Share on other sites

Hi Bruce, 

We need more data to analyze, but this data cannot be provided via forum, can you please collect and send to technical support via my.kaspersky.com? 

Please do the following:

  1. Collect and send us the system report: https://support.kaspersky.com/common/diagnostics/3632
  2. Download and run the utility https://box.kaspersky.com/f/25341000aaa34467a9ca/?dl=1 after it is done scanning, send us all (!) the files from folder C:\KVRT_Data.
  3. Go to C:\Users\%username%\AppData\Roaming\Microsoft\ and look here for folders with wierd names, like ‘nPROhUCsLBxIugFeKW’. Put these into an archive and send to support as well. You can delete the folder after you send it. 
  4. Go to C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ and check for presence of unknown strangely looking links, like: a9584f7295449693aac58c74a6a5b.lnk, send these over to support as well and then delete. 



Link to comment
Share on other sites

This topic is now closed to further replies.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.