Kaspersky
Solved

Kali linux 2020.1 scaned and reports many viruses


I just downloaded kali linux 2020.1. i scaned it with the kaspersky security cloud which will report many many viruses. Do you now why? Is this a false possitive report?

Thank you for your answer

 

 

icon

Best answer by Danila T. 21 October 2021, 07:47

View original

This topic has been closed for comments

16 replies

Userlevel 7
Badge +11

Hello @vasileios,

Welcome!

  • Scan the detected objects using Kaspersky’s Threat Intelligence Portal & if Kaspersky Security Cloud is a subscription license, open a Kaspersky Technical Support Malware, False positive request (see image), zip the objects, name the zip archive(s) INFECTED, password protect the archive(s), add the password to the request information, include the Kaspersky Security Cloud Detected objects report, ask the Technical Team to analyse the objects and advise? 
  • To generate the Kaspersky Security Cloud report → Open KSCloud, select MORE TOOLS, select Reports, select Detailed Reports, select Detected objects, select  24hrs or 7days, select Export, export the Report, save as a .txt file, :paperclip: attach the Report to the request. 

Thank you:pray_tone3:

Flood:whale:

Hallo Flood

 

Thank you for your answer. The Problem as well is that kaspersky will not resolve the issues not Quarantine them just turning and turning. I open an incident to support. Unfortunatly can not upload any infected?? items because they are not in Quarantine yet. i Just stundying for my sec+ at the moment and wanted to test the antivirus so i have a trial version of kasperky cloud security at the moment.

 

Thank you

Userlevel 7
Badge +11

Hello @vasileios,

You’re most welcome:relaxed: !

  1. Export the Kaspersky Security Cloud Detected object report, save as a .txt file & attach:paperclip:  here to your topic? 
  2. Even if the objects are not in Quarantine, the Kaspersky Security Cloud Detected object report will show the objects & path, each object can be uploaded to Kaspersky Threat Intelligence portal
  3. Regarding Kaspersky Security Cloud “not resolving the detections”, has Resolve for one object at a time been selected? 
  4. For Kaspersky Security Cloud Free & Trial versions, there is no Technical Support. 

Please post back?

Thank you:pray_tone3:

Flood:whale:

File atached. I cannot upload the kali linux iso to the KS Threat management= File to big.

 

Many Thanks

ps KS Security Cloud still turning and resolving.

I just scaned the kali linux 2019.4 iso with kaspesky cloud security and wont report any viruses or malwares. Maybe false negative? or just all things are OK with the 2019.4 version of kali linux.?

This is the Link which i downloaded the kali linux 2019.4 version of kali linux “cdimage.kali.org

and this is the official link which i downloaded the kali linux 2020.2 version  “kali.org/downloads

Try it yourself

 

Many thanks

 

Moderator note : Potential malicious links disabled

Userlevel 7
Badge +11

Hello @vasileios,

  • Regarding Kali 2020, many of the detections are classified as Riskware, Kaspersky’s definition is as follows:

Misuse of riskware is done to steal data, hijack computer systems, or cause disruptions. These programs are not designed to be malicious — but they do have functions that can be used for malicious purposes. When used with bad intentions, the riskware program can be viewed as malware.”

  1. Was the iso unpacked before scanning? 
  2. Run Kaspersky Security Cloud All events report & post back please?

Thank you:pray_tone3:

Flood:whale:

Resources:

What is Riskware?

Types of Spyware

Hi Flood,

 

Thank you for your help!!

 

  1. Was the iso unpacked before scanning?  The Packet is an ISO file downloaded from the official Kali Linux  KS Cloud reports riskware(?) = still resolving on my computer until now.

           The 2019.4 ISO file from the Official Linux site, scanned with KS Cloud won’t report any     Riskware(?)

  1. Run Kaspersky Security Cloud All events report & post back please?
Userlevel 7
Badge +11

Hello @vasileios,

You’re welcome:slight_smile: !

Thank you for the reports, both are 0kb & have no data:thinking:

 

  1. Please edit your reply & remove the links, they’re not required, thank you. 
  2. Our question regarding the iso was - was it unpacked before scanning? 
  3. Regarding “still resolving on my computer until now”,  if that means the Resolve option is still processing, exit  Kaspersky Security Cloud, on Windows Taskbar, rightclick the Kaspersky icon, select Exit, shutdown computer using Shutdown, not Restart, power computer on, login, start  Kaspersky Security Cloud, select one object to resolve, allow the Resolve process to complete, if it does not resolve it suggests Kaspersky Security Cloud cannot access the files/objects, because the iso was not unpacked; in which case you’ll need manually manage the objects

Thank you:pray_tone3:

Flood:whale:

Hi Flood

NO it was not unpacked.

Reply edited = Links removed.

 

Thank you

Userlevel 7
Badge +11

Hello @vasileios,

You’re welcome:slight_smile: !

  • Both reports are 0kb & have no data:thinking: , see image above, please rerun & post back? 
  • Also, if, AFTER the procedure in our last reply, if Kaspersky Security Cloud is unable to resolve the detections & if the Notification center still shows 600+ detections, Export settings, Restore settings, Import Settings.

Thank you:pray_tone3:

Flood:whale:

Userlevel 4
Badge

I downloaded kali-linux-2020.2-installer-amd64.iso (3.6Gb) then extracted with universal extractor then scanned with KSC:

in folder \pool\main\...\ there are a lot of “virus”, for ex one of file (small mb) scanned on VirusTotal: (result)

 

Userlevel 7
Badge +9

Please see Kaspersky Withelisting report.

K-Lab Technical Support is the best option.

Why doesn’t Kaspersky get the SHA for the known Kali images and if the images downloaded by a customer match, don’t crack it open and report all 350+ items for action. We know what Kali does, just report that Kali exists if it hasn’t been altered. 

 

Userlevel 7
Badge +7

See: