This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

False positive for a virus in win (2023.12.22.1)
#11
When Kaspersky detects something, I don't recommend ignoring it, since it was them who blew the lid on FBI & Pentagon agencies with very high Pedophilia activities & planting viruses on those who expose them about 8 years ago. That's why Kaspersky was banned in USA market.

As soon as I updated to 2023.12.22.1, I noticed my system was using over 40% CPU, then Kaspersky told me it found a worm like activity in Hybrid. Here is a log after a cleanup:

Event: Malicious object detected
User: WIN-KESEUDKBD4T\Administrator
User type: Active user
Component: Virus Scan
Result: Detected
Result description: Detected
Type: Trojan
Name: Trojan.Multi.GenAutorunReg.a
Precision: Exactly
Threat level: High
Object type: File
Object name: System Memory
Reason: Expert analysis
Databases release date: Today, 1/3/2024 8:00:00 AM
Reply
#12
Quote:, I noticed my system was using over 40% CPU, then Kaspersky told me it found a worm like activity in Hybrid.
What used the 40%?
Hybrid's installer will use some resources for decompression. (How much depends on the system.)
At least the files in Hybrid from my side (selur.de) are fine. Can't say anything if you downloaded from another source.
also:
a. It's not uncommon for Kaspersky to report false positives.
b. Running Hybrid as Administrator is not recommended.
c. Without details, what is triggering Kaspersky, I can't look further into it on my end. (https://opentip.kaspersky.com/?tab=upload only allows a max file size of 256MB)
"Reason: Expert analysis" <- I doubt it.

=> Report the issue to Kaspersky, they are welcome to download Hybrid and report any issue they have with it, but I bet it's false-positive like always.

Cu Selur
----
Dev versions are in the 'experimental'-folder of my GoogleDrive, which is linked on the download page.
Reply
#13
I have been using Kaspersky for 20 years & it never reported Hybrid including previous version. After I updated Hybrid to latest version, I did not run it & 30 minutes later CPU started getting overloaded around 40-45%. Then Kaspersky poped up saying that Hybrid installer was flagged for worm virus like activity. It took it 2 hours to clean my system, after which my CPU returned to normal 0% usage. I will try do more research to get to the bottom of it.
Reply
#14
Here in the forum Kaspersky, MSI Afterburner and RivaTurner have caused other users out of memory issues, see: https://forum.selur.net/thread-2207.html.
But roughly every 7 month or so, someone reported false-positives with Kaspersky (and/or Norton).
Usually it comes down to that one of the binaries was compressed with upx or similar, or the lzma2 compression used by the Installer caused issues.

Cu Selur
----
Dev versions are in the 'experimental'-folder of my GoogleDrive, which is linked on the download page.
Reply
#15
btw. VirusTotal reports that Kasperky does not flag the file as malicious.

Cu Selur
----
Dev versions are in the 'experimental'-folder of my GoogleDrive, which is linked on the download page.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)