Jump to content

Kaspersky Antivirus detecting itself as a thread


Go to solution Solved by Flood and Flood's wife,

Recommended Posts

Posted

Fresh install of Kaspersky Antivirus, and when I look at the report section Kaspersky files are marked as medium importance (yellow triangle).

The one below seems to be the Kaspersky VPN installer.  Could this prevent the Kaspersky from working properly?

image.thumb.png.96cfac302abfb4a5fbc1570183acc80a.png

 

image.thumb.png.015a81f0d15a1e36d177046f0e1faada.png

 

Flood and Flood's wife
Posted (edited)
1 hour ago, TheOne said:
  1. Fresh install of Kaspersky Antivirus, and when I look at the report section Kaspersky files are marked as medium importance (yellow triangle).
  2. The one below seems to be the Kaspersky VPN installer. 
  3. Could this prevent the Kaspersky from working properly?

Hello @TheOne

Welcome!

  1. Both images show Kaspersky Anti-Virus 21.3, in both cases the application path is: Application path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3, not C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7.
  2. Network Attack Blocker is a component of Kaspersky Anti-Virus 21.3,  - please see a similar image, to your image 1 - from our machine
    Spoiler

    image.thumb.png.e1dba8247271d464a5797bdc13749c83.png

  3. This document: Reports window, explains the blue, yellow & red event importance levels; noting, in the KAV application reports, some events may be marked as ⚠️Warnings, but are in fact benign. 
  4.  Modules with the application, may stop & start at various times, at the times tasks stop running, the event may be recorded in the Reports, with a ⚠️Warning.
  5. We're unable to see anything mentioning Kaspersky's VPN, please clarify where you see "the Kaspersky VPN installer" please? 
  6. Are you having actual problems with KAV running correctly - in the main application window, are there any Recommendations or in the KAV Notifications center, are there any Notifications, in the main application window, are there any colors - other than green, looking at the Kaspersky icon, on the Windows taskbar or hidden icons, is the icon green or another color? 

Thank you?
Flood?+?

Edited by Flood and Flood's wife
re-arranged information & added additional information || Added q6
Posted

Hello Flood,

Regarding item 1 and 2 from your message:  Yes, I know they are from KAV, that's why I'm asking if there's an issue, it's odd to see the program logging itself where normally the malware would show up.  But if I understand correctly it is normal for Kaspersky to log normal function of the application AND also any threat alerts and warnings in the same log?  If that's the case, duly noted.  I guess as long as I don't see the Result column saying "Blocked" then everything is OK.

image.thumb.png.f1e3c97d3dfb887daff7e62f8f9c1095.png

Regarding the Kaspersky VPN, that was my mistake.  I removed the picture I was referring to.  Below is the picture:

image.thumb.png.d70a458d8dcb2519f9c26f089982f0d9.png

You said "Are you having actual problems".  Well, I thought I was when I saw the File Anti-Virus and Web Anti-Virus were reporting KAV files. I thought those were "actual problems" hence my post.

To sum it up, KAV normally logs normal function of the application in the same area where a virus or malware would be reported, correct?

 

Thank you for you the quick response by the way.

  • Thanks 1
  • Solution
Flood and Flood's wife
Posted (edited)
1 hour ago, TheOne said:

Hello Flood,

  1. if I understand correctly, it is normal for Kaspersky to log normal function of the application AND also any threat alerts and warnings in the same log? || To sum it up, KAV normally logs normal function of the application in the same area where a virus or malware would be reported, correct?
  2. I guess as long as I don't see the Result column saying "Blocked" then everything is OK.
  3. Kaspersky VPN, below is the picture:

image.thumb.png.d70a458d8dcb2519f9c26f089982f0d9.png

 

Hello @TheOne

You're most welcome!

Thank you for posting back & the additional information?

  1. Both statements are correct, please see image 1, from our machine, as an example:
    Spoiler

    image.thumb.png.01c062739f339ca686adc53fe500ec92.png

     

  2. For detections, in, for example: Web Anti-Virus, File Anti-Virus, System Watcher - detections will appear similar to our third image
    Spoiler

    image.thumb.png.a353b2e36831f43a3e633b60e37251da.png

     

  3. In the image you've shown: C:Windows\Installer\4413add.msi, the extended detail (lower part of the report), shows the application path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3, not C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.7 - please go to C:Windows\Installer\ - find the 4413add.msi file, rightclick, select Properties, then select the Details tab, post back a full screen screen image of the 4413add.msi file, showing the Details please? 
  4. Scan the msi file, using https://opentip.kaspersky.com/ - post the result please? 
  5. IF you'd like to test how a detection will look & how KAV responds to detections, use EICAR test file: https://www.eicar.org/download-anti-malware-testfile/ - EICAR test file is a computer file that was developed by the European Institute for Computer Antivirus Research (EICAR) and Computer Antivirus Research Organization (CARO), to test the response of computer antivirus (AV) programs. Instead of using real malware, which could cause real damage, this test file allows people to test anti-virus software without having to use a real computer virus.
  6. A couple of tips, that may be useful when you're working with Kaspersky applications: in the top right corner, of the application, in each window, there's a . The represents HELP, selecting the  will open Kaspersky's Online Help repository, specific to the window of the application - that you're on at that time.
  7. Second tip, in the Reports window, top righthand side, there's a SAVE option, selecting SAVE, will save the report as a text file; you can share the report by uploading to cloud & posting a share link OR, if sending to Kaspersky support, simply attach the text file to any email communications you have with the team. 
  8. Third tip, the reports can be filtered, using the Calendar & or place the cursor anywhere along the report table heading row (where you see Event date, Event, Result etc.); rightclick -> opens the list of all columns, select / tick / untick whichever columns are required - see our 4th image
    Spoiler

    image.thumb.png.08b4d68b24446c4cd80ccfa350526993.png

Thank you?
Flood?+?

Edited by Flood and Flood's wife
corrected grammar? || added question
  • Like 1

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...