Issues with Kaspersky Antivirus for Android regarding license and scanning efficiency

[jjjhjkhjkhkjh]

 

Question 1: How does Kaspersky Android version determine whether system-level folders and certain protected areas contain malware without root privileges?

Question 2: Is it necessary to grant root privileges to Kaspersky Android version to deal with deeply hidden malware?

Question 3: Why does Kaspersky Android version show that it has scanned around 50,000 files during the scan, but the final pop-up window only displays 45,000 results? Why were the remaining files scanned but not included in the total number of results

Corrected Question 1

How does Kaspersky Android version ensure its ability to assess the safety of system-level folders and certain protected areas without root permissions?

[Flood and Flood's wife]

6 hours ago, jjjhjkhjkhkjh said:

1. How does Kaspersky Android version determine whether system-level folders and certain protected areas contain malware without root privileges? How does Kaspersky Android version ensure its ability to assess the safety of system-level folders and certain protected areas without root permissions?
2. Is it necessary to grant root privileges to Kaspersky Android version to deal with deeply hidden malware?
3. Why does Kaspersky Android version show that it has scanned around 50,000 files during the scan, but the final pop-up window only displays 45,000 results? Why were the remaining files scanned but not included in the total number of results

Hello @jjjhjkhjkhkjh, 

Welcome!

• Which Kaspersky subscription & version is installed? Read: Find the name and version number of a Kaspersky application. 
• Android name (e.g. Samsung) & OS version, read: Find the OS version

Q1 & 2 are answered together. The app has Admin authority. It's managed during the install process, read: Kaspersky for Android, Installing the app. 

For 3, IF you've manually granted root access or installed apps from unknown sources there may be alerts about unprotected spaces. Post full-screen-screen-prints of the issue please?

We cannot replicate 3. Tested two different Androids. 

Thank you🙏
Flood🐳+🐋

[jjjhjkhjkhkjh]

Question 1: Is the permission I granted to Kaspersky to "read the list of installed apps" considered administrative permission? After granting Kaspersky this permission, can it scan all files on the device, including system-level files? Do I need to grant Kaspersky root permission as well?

Question 2: As shown in the figure, it displays 59,562 files near the end of the scan, but the scan results only show 48,761 files. Why is that?

Question 3: I haven't granted any root permissions to other apps. If there is hidden malware that has illegally obtained root permission and hidden itself in the phone with elevated privileges, can Kaspersky detect it?

[jjjhjkhjkhkjh]

Is that true?

[Flood and Flood's wife]

On 10/21/2024 at 11:56 PM, jjjhjkhjkhkjh said:

• Is the permission I granted to Kaspersky to "read the list of installed apps" considered administrative permission?
• After granting Kaspersky this permission, can it scan all files on the device, including system-level files?
• Do I need to grant Kaspersky root permission as well?
• I haven't granted any root permissions to other apps. If there is hidden malware that has illegally obtained root permission and hidden itself in the phone with elevated privileges, can Kaspersky detect it?
• As shown in the figure, it displays 59,562 files near the end of the scan, but the scan results only show 48,761 files. Why is that?

 

Hello @jjjhjkhjkhkjh 

Thank you for posting back the information!

1. Yes. 
2. Yes 
3. No, under no circumstances should the phone be rooted - doing so may expose the phone / make it vulnerable to exactly the type of attack you wish to prevent. 
4. IF the malware / worm was on / in the phone *before* Kaspersky was installed, then perhaps *no*, equally, IF the phone was shipped from the manufacturer with malware & before Kaspersky was installed - again - perhaps *no*, nothing is 100% guaranteed. 
5. Where has Kaspersky Security Software for Android been installed from - which *Store*? Read: How to download Kaspersky applications on Android and iOS. 
6. For the *scans* discrepancy in file counts -> *Add the Kaspersky app to the exclusions list for battery saving mode.*
7. READ this: Huawei and Honor devices - Known issues. 
8. Clean install Kaspersky from the Huawei app store, at the end of the install - REBOOT - POWER OFF / ON the phone - monitor the scan count? IF the issue persists, log a request with Kaspersky Customer Service  - https://support.kaspersky.com/b2c#contacts, on the support page, select either Email or Chat, then fill in the template as shown; please include a *detailed history*, include screen-prints; include: Android smartphone's log file. 
   *Also - IF using Chat - ask the operator to email (you) a copy of the chat transcript *before* ending the chat - otherwise (you'll) have no record of the chat*

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

1 hour ago, jjjhjkhjkhkjh said:

1. Is that true?

 

Hello @jjjhjkhjkhkjh, 

Harmony OS equivalent is Android 12, so compatibility is fine, read: Kaspersky for Android, Hardware and software requirements. 

1. It's an *opinion*. 

Thank you🙏
Flood🐳+🐋

Edited October 23 by Flood and Flood's wife
https://support.kaspersky.com/common/diagnostics/13048

[KarDip]

Hello @jjjhjkhjkhkjh

Question 1:
How does Kaspersky Android version ensure its ability to assess the safety of system-level folders and certain protected areas without root permissions?

Answer:
Kaspersky for Android works within the restrictions imposed by the Android operating system to ensure security, even without root permissions. Here’s how it achieves this:

1. Android APIs: Kaspersky utilizes official APIs provided by Android to detect potential threats. These APIs allow access to certain non-root parts of the system, such as installed apps, user data, and permissions associated with them.

2. Behavioral Analysis: Instead of directly scanning system-level files, Kaspersky monitors the behavior of apps and processes. This approach allows it to detect malicious activities such as suspicious network connections, high CPU usage, or dangerous permissions.

3. App Usage Monitoring: Kaspersky assesses installed apps for known vulnerabilities, malicious code, or abnormal behavior without needing access to protected system files. For example, it checks for apps with overly aggressive permissions or those running unauthorized background processes.

4. Cloud-Based Detection: The antivirus connects to Kaspersky’s cloud database to compare scanned data against a constantly updated list of malware signatures, even without scanning system-level folders directly.

5. File Access Restrictions: While system-level files are inaccessible without root, Kaspersky compensates by scanning APKs before installation and actively monitoring the runtime behavior of apps, which often reveals malicious intent.

---

Question 2:
Is it necessary to grant root privileges to Kaspersky Android version to deal with deeply hidden malware?

Answer:
Granting root privileges can provide deeper access to system areas, but it is not necessary or recommended for most users. Here’s why:

1. Security Risks with Root: Rooting a device can introduce vulnerabilities, as it removes the security layers that Android enforces. This could allow malware to exploit the elevated privileges or other apps to compromise security.

2. Mitigation through Real-Time Protection: Kaspersky offers real-time protection and behavioral monitoring, which can often detect deeply hidden malware even without root access.

3. System Partition Scans: If malware is embedded in system-level files, factory resetting the device or using tools provided by the device manufacturer (like flashing official firmware) is often safer than rooting.

4. KVRT Alternative: If deeper scanning is needed, Kaspersky Virus Removal Tool (KVRT) or similar tools for PCs might provide options for scanning Android devices connected via USB.

---

Question 3:
Why does Kaspersky Android version show that it has scanned around 50,000 files during the scan, but the final pop-up window only displays 45,000 results? Why were the remaining files scanned but not included in the total number of results?

Answer:
This discrepancy in the number of files scanned versus the total displayed results can occur due to several reasons:

1. Temporary or System Files Exclusion: Some temporary files, cache data, or system logs may be scanned but not included in the final count as they are considered non-critical or irrelevant to the user.

2. Skipped Duplicates: If the scan detects duplicate files, only one instance may appear in the results, reducing the reported count compared to the scanned total.

3. Ignored or Excluded Files: Kaspersky may have predefined exclusions for certain system files or folders, which are scanned but not included in the report because they pose minimal or no risk.

4. Scanning Metadata: The scan might include metadata or symbolic links that are processed during the scan but not reported as separate entries in the final summary.

5. Background File Changes: If the number of files changes during the scan (e.g., if new files are created or deleted in real time), the final report may reflect the state of the system at scan completion, not the exact number scanned initially.

Thank you

Edited October 23 by KarDip
correction sentence

[jjjhjkhjkhkjh]

@KarDipThank you so much.

An impressive answer.

BUT...How do you think of tihs  opinion?

@Flood and Flood's wifeYou guys are impressive. Thank u so much.

[jjjhjkhjkhkjh]

By the way.

The HarmonyOS system modified by Huawei on the basis of Android 12 will not damage Kaspersky's ability to scan and kill malicious software, right?

Is the ability of Kaspersky to run on a regular Android 12 system the same?

@Flood and Flood's wife@KarDip

Thanks again.