Jump to content

Is the threat (trojan virus) neutralised when Kaspersky detects it? Or does that happen when I push the Resolve button? [MOVED]


Recommended Posts

Posted

Hello all,

I saw that Kaspersky had discovered a Trojan (Trojware) approx. 2 hours ago. I didn’t notice the notification at the moment the virus was discovered. When I opened Kaspersky Security Cloud I clicked the "Details” button exactly the same as seen here: https://support.kaspersky.com/common/start/15436 and clicked the “Resolve” button. Threat was neutralised and that was it.

Here comes my question: Did Kaspersky neutralise the threat (virus) before I “Resolved” it manually? Was my computer compromised for the 2 hours of my ignorance? I also couldn’t find the log of resolved virus, once I clicked “Resolve” that virus wasn’t logged anywhere in the Report window.

 

I’m really curious about this.

 

Flood and Flood's wife
Posted

Hello @JayBro

Welcome!

  1. 🅰Read before you create a new topic!
  • Yes, when KIS detected the threat it will have neutralised it.
  1. Did you check Quarantine?
  2. Re not showing in report, have any Report logging notifications been changed? 
  3. IF you have concerns, exit all applications & browsers, clear C:\Windows\Temp & C:\Users\USER\AppData\Local\Temp; run a manual Database update, shutdown the machine using Shutdown, not Restart, power on, login, run a Full scan → allow it to complete….

Link

 

 

Please let us know?

Thank you🙏

Flood🐳+🐋

Posted

Hi,

Thanks for your feedback. 

I am using 21.3.10.391 (f) Kaspersky security cloud on windows 10.

  1. Quarantine is empty and I haven’t emptied it.
  2. I’ve in fact found 2 event in “Reports”
  3.  Result was first “detected” and then “Not processed”, Event: Disinfection not possible, Reason: postponed.

  4. I went to the location of the threat and it wasn’t there. Did Kaspersky delete it automatically or what happened with it?

Flood and Flood's wife
Posted

I am using 21.3.10.391 (f) Kaspersky security cloud on windows 10.

  1. Quarantine is empty and I haven’t emptied it.
  2. I’ve in fact found 2 event in “Reports”
  3.  Result was first “detected” and then “Not processed”, Event: Disinfection not possible, Reason: postponed.

  4. I went to the location of the threat and it wasn’t there. Did Kaspersky delete it automatically or what happened with it?

Hello @JayBro

Thank you for the information!

Apologies for the delay. 

  1. We’re a little confused, the topic is in Category Kaspersky Internet Security, however, your last reply advises the software is Kaspersky Security Cloud🤔
  2. Normally, when a report shows “postponed”, it indicates the process is waiting on an event, for example a - machine shutdown & restart - was this done after these steps: “clicked the “Resolve” button. Threat was neutralised and that was it”, which you advised when you posted the topic? 
  3. We’d like to see the entire object name please, drag the Object name vertical line column to the right, you can still hide your user name, we don’t need to see that.
  4. Is Kaspersky Security Cloud Family, Personal or Free? 

Please post back?

Thank you🙏

Flood🐳+🐋

Posted

 I went to the location of the threat and it wasn’t there.

Is the location  “C:\Users\       \AppData\Loca\Temp\0a298682-7346-4538-85b7-????????????”
an empty folder, can you please specify.

Posted
  1. Excuse me for the confusion. I later realised that I posted this post in the wrong category. I am indeed using Kaspersky Security Cloud - Family, payable version, not free. I am sorry for posting in the wrong category, that surely creates some confusion.
  2. I pressed “Resolve” approximately 24 hours after the 2 logged events in “Reports”. I wasn’t notified of this threat. I noticed a red flag over the Kaspersky icon 1 day later (according to the log time in Reports - not 2 hours as I initially thought) that’s how I’ve discovered about the threat… Very odd.
  3. Entire object:

C:\Users\xyz\AppData\Local\Temp\0a298682-7346-4538-85b7-4d0e709c9f9f.tmp\0a298682-7346-4538-85b7-4d0e709c9f9f

      4. When I went to the location after resolving no such file or folder were there.

Posted

Thank you. No, the K icon stopped being red once I’ve pressed “Resolve” and the .tmp file was also gone, so I suppose it was fixed on the spot. I still don’t understand why the threat was detected and then not processed, because of that I’m concerned about this threat. Could you still say for sure this virus was neutralised/blocked (before doing any harm) when it was discovered and “not processed”. I manually “Resolved” it a day later. What was happening with this threat in the meantime as Kaspersky was waiting for my input? What’s the function of “Resolve”, what does it do? Isn’t anti-virus supposed to take action and keep me safe when something harmful is discovered and not wait for my input to “resolve” it? Maybe it does but it’s just all a bit confusing.

I rebooted the machine and ran a couple of full scans, all of them came clear and there is no sign of the malicious .tmp file.

Guest
This topic is now closed to further replies.


×
×
  • Create New...