Kaspersky
Solved

Trojan.Multi.BroSubsc.gen - difficult to remove [Moved]

  • 26 March 2021
  • 10 replies
  • 6643 views

  • Community Citizen
  • 2 replies

We’ve had multiple detections of Trojan.Multi.BroSubsc.gen.  Deleting and reinstalling the browser (with a restart in there too) seems to help but in one case the malware returned.  Anybody having the same problem?  

icon

Best answer by Danila T. 21 September 2021, 16:03

View original

This topic has been closed for comments

10 replies

Userlevel 7
Badge +9

@Gren Welcome. Can you please check your Kaspersky reports and post a screenshot from the detection.

Which report or info are you looking for?  The summary report says the path is “System memory” and the action taken is “N/A”, which isn’t helpful.  The rest of it is date, time, device, etc.,   We’re using Endpoint Security for Windows v 11.0.0.6499

Userlevel 7
Badge +9

@Gren I moved your Topic to the Kaspersky Corporate Product Section.

Userlevel 7
Badge +7

You need to deny all notifications in browsers or allow only for specific sites.

More information:
https://translate.google.com/translate?sl=auto&tl=en&u=https://habr.com/ru/post/442026/

Denying all notifications seems extreme.  How can I tell which sites are causing the problem?  Also, there are no suspicious processes and the hosts file only has internal mappings.  Could this be a false positive?

Userlevel 7
Badge +7

What browser are you using? If it's Chrome, go to the address bar in the settings address:

chrome://settings/content/notifications

or open manual on Google-Help.

Check each allowed site in the "Allowed" box.
Remove suspicious ones.

 

Userlevel 1
Badge

We tend to get them too quite often. After starting the Advanced Disinfection it goes away.

If it is a false positive, then why does Windows remains in ‘hibernation’ preventing KRD to perform any intervention?

Badge


Application: Kaspersky Endpoint Security for Windows
Operating system: Windows 10 64-bit
Computer name: PC1
Domain: DC
Notifications:
Critical event: 10/05/2021 14:50:03:
Event type: Malicious object detected
User: DC\007 (Active user)
Component: Virus Scan
Result description: Detected
Type: Trojan
Name: Trojan.Multi.BroSubsc.gen
Threat level: Exactly
Precision: High
Object type: File
Object name: System Memory
Reason: Expert analysis
Database release date: 10/05/2021 11:45:00




Application: Kaspersky Endpoint Security for Windows
Operating system: Windows 7 SP1 64-bit
Computer name: PC2
Domain: DC
Notifications:
Critical event: 10/05/2021 14:42:09:
Event type: Malicious object detected
User: DC\008 (Active user)
Component: Virus Scan
Result description: Detected
Type: Trojan
Name: Trojan.Multi.Accesstr.ash
Threat level: Exactly
Precision: High
Object type: File
Object name: System Memory
Reason: Automatic analysis
Database release date: 10/05/2021 11:45:00
 
 
Userlevel 7
Badge +7