Can you disable KTS protection for 5 mints & use 7zip for password protected batch files then renable protection. Or disabled protection for 1 hours and run macrium. Create backup.As the title suggests, I've tried everything.... It keeps deleting my batch files. I'm trying to make a backup with Macrium but to no avail as it keeps deleting my batch scripts
What can i do?
Sure but that's more of a workaround rather than actually fixing the root cause.Can you disable KTS protection for 5 mints & use 7zip for password protected batch files then renable protection. Or disabled protection for 1 hours and run macrium. Create backup.
Yes but it's the only way for now. Or send your scripts to Kaspersky as a FP and wait for their review.Sure but that's more of a workaround rather than actually fixing the root cause.
What's FP?Yes but it's the only way for now. Or send your scripts to Kaspersky as a FP and wait for their review.
I don't understand why the exclusions... don't exclude?Yes but it's the only way for now. Or send your scripts to Kaspersky as a FP and wait for their review.
Yes, correct, they're in a shared network folder. On my NAS.I guess that specific detection is in "Object Name:" field:
View attachment 287236
Try adding the mask *Detection name*
Also, where are located those files, in shared network folder?
View attachment 287237
False PositivesWhat's FP?
I already did, it's in my screenshotYes, try with *HEUR:Trojan-Downloader.BAT.Bitser.gen*
oh ok thx I'll try thatNo, In Your screenshot only HEUR:Trojan-Downloader.BAT.Bitser.gen, without *....*, I mean, add *
Tried it, didn't do anything. Do I have tor reboot the PC?No, In Your screenshot only HEUR:Trojan-Downloader.BAT.Bitser.gen, without *....*, I mean, add *
Reboot KtsTried it, didn't do anything. Do I have tor reboot the PC?
Not necessary, can You post the exact details of the detection, check in Reports and copy/paste fromt there.Tried it, didn't do anything. Do I have tor reboot the PC?
Event: Object deletedNot necessary, can You post the exact details of the detection, check in Reports and copy/paste fromt there.