KSWS/KESS use * as a wildcard character. There are multiple ways to use it.
Examples
Masks without paths
*.exe - all files with extension *.exe
test - all files with name test
Masks with absolute paths
C:\dir\*.* - all files in folder C:\dir\ and its subfolders
C:\dir\*.exe - all files with mask *.exe in folder C:\dir\ and its subfolders
C:\dir\test - all files named test in folder C:\dir\ and its subfolders
C:\dir\ - all files in fold
Advice and Solutions (Community Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Description
FDE precheck is a utility used for advanced Full Disk Encryption compatibility testing. It contains latest drivers which will be implemented in future KES releases. FDE precheck also collects diagnostic data used to fix compatibility issues. Inability to use laptop keyboard and\or touch-pad is one of the
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Sometimes it is required to unregister KES from context menu of Explorer. Follow these steps:
Disable self-defense of KES;
Open CMD shell as admin;
Run commands:
regsvr32 /u C:\Program Files (x86)\Kaspersky
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
If you are willing to uninstall KES with msiexec (msiexec.exe /x {PRODUCT_CODE/GUID}) then product code/GUID is something you are probably looking for. Here they are:
KES product codes
Product name
Product code/GUID
FS6
{1B419
Step-by-step guide
Open Outlook.
Go to File → Options → Add-ins.
Check add-in options for the KES plugin.
Make sure that scan on receive and scan on send are enabled.
If problem persists, enable KES tracing.
Restart Outlook.
Send e-mail with infected .doc file.
Send another e-mail with EICAR.
Stop traces and send them to the Kaspersky support for further analysis.
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Testing Network Threat Protection (NTP, Network Attack Blocker or NAB) may appear tricky, as it is finely tuned to specific attacks only. During past years many detections were modified or removed to prevent major false detections. It is necessary to understand that NTP is not intended to prevent the following types of attac
Step-by-step guide
Install KSWS and make sure the Anti-Cryptor protection component running and its Work Mode is Active.
Install AESCrypt on a remote host.
Try to encrypt the files on a network share protected by KSWS.
Enter a password.
As encryption starts, Anti-Cryptor detects it and blocks remote user's session. In KSWS 11, by default, the application blocks a host's access to network file resources for 30 minutes.
The follow
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
You need a Mac device with macOS 14+ to supervise iOS device log via Apple Configurator
Your iOS device will be reset to factory settings during supervising
Download Apple configurator via App Store.
Run Apple Configurator.
Connect your iOS device.
Unlock the device and tap Trust.
Select your device and click on the Prepare button
If you want to store FDE encryption keys in Active Directory, this is possible if BitLocker encryption is used.
In order to transfer and store the recovery passwords (keys) in Active Directory, it is necessary to:
1. Enable the “Choose how BitLocker-protected operating system drives can be recovered” group policy https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-rec1 for target computers and configure saving BitLoc
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
There are multiple settings in both KES and KSC that allow to set notifications about various events. This article is based on example of setting complaint notification (message send to administrator if the users considers the blocking of the page to be mistaken).
Let's review three main scenarios, when KES is connected to KSC (either constantly or intermittently) and when it is not connected.
KES
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
You may come across an occasion when instead of an internal webpage you will have a warning message in a browser if you have Scan encrypted connections option enabled.
You should not blindly add certificates to a Trusted Root Certification Authorities storage just to remove a legitimate warning. Doing so ma
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Outlook add-in failure may be related to a KES upgrade.
Step-by-step guide
As the first step to quickly fix majority of the issues with Outlook add-in, unregister it and register again. Here is how to do it properly:
Close Outlook if opened.
Execute
Step-by-step guide
Open KSWS policy
Navigate to "User rights" section
Under "Configure application management section" press "Settings" button
In the "Permissions for Kaspersky Security" window press "Advanced" button
Select necessary user or group -> press "Edit" button -> press "Show advanced permissions"
In the "Permissions Entry for Kaspersky Security" window unselect "Uninstall Kaspersky Security", make sure that Type is set to "Allow"
Advice and Solutions (Community Knowledgebase) Disclaimer. Read before using materials.
In case you want to skip automatic uninstallation of a specific software, but do not want to disable incompatible software check completely, you may edit cleaner.cab.
Step-by-step guide
Download full KES distributive
Start it and make sure all files were unpacked
Navigate to the directory you unpacked kes_win.msi to
Find cleaner.cab in case of KES11.9 and older version
Problem
KSC and KS4Android are implemented but KSC is offline and could not access Internet. KUU can be used for updating KS for Android and distribute the update databases. But after running KUU (Kaspersky Update Utility), you cannot find actual KES for Android versions.
Solution
AV bases for new KESM versions will appear in KUU UI after running KUU with empty application list.
The KUU settings should look like the following (in order to update the list of supported applic
There are 2 methods of installing iOS MDM on the user's device:
Via AppStore (iTunes Store);
Via Manifest URL (with manual placement of the package).
How to install via AppStore
Installation via AppStore involves a special key named App ID.
This process is fully automatic and requires no actions from the KSC administrator. In KSC, you need to specify the application name (this name will be used in KSC event log) and the application ID.
The applica
Description
As part of proactive security, you may wish to add sha256 to block the execution of application or malicious applications without having the original source files.
This article explains how to perform this action.
How To
Create a text file containing the sha256 you want to block.
Use the AppRulesGenerator.exe app to generate an xml file:
Import the generated .xml file into the KSWS policy:
Intro
This instruction describes how to create an installation package (.pkg) for the MacOS operating system from the standalone installation package of Kaspersky Endpoint Security for Mac.
You may need to create such a package to automate the installation of Kaspersky Endpoint Security software via third-party systems (e.g. AirWatch).
Details
Files
Munki tool (with predefined files)
Prerequisites
Kaspersky Security Center
MacOS machine
Python
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
The complete encryption procedure is as follows:
1. During authentication, a private key is generated based on the username and password
2. The private key is used to decrypt the user’s storage and extract the primary key
3. The primary key is checked against the identifier specified in the file hea
Description and cautions
The original scenario located on the page https://support.kaspersky.com/kes11mac/diagnostics/15299, requires a lot of efforts and manual manipulations.
I am offering a bit easier and time-saving approach doing the same.
Details
All the commands from the original document are saved here, but placed together and being run one after another consequently; the old product logs are also wiped up in order to avoid mess:
Login under root:
Description and cautions
The original scenario located on the page https://support.kaspersky.com/kes11mac/diagnostics/15299, requires a lot of efforts and manual manipulations.
I am offering a bit easier and time-saving approach doing the same.
Details
All the commands from the original document are saved here, but placed together and being run one after another consequently; the old product logs are also wiped up in order to avoid mess:
Login under root:
Problem
There are slight differences when connecting devices to the Wi-Fi network configured via Kaspersky Endpoint Security for Mobile in Android 10.
The main difference is that the connection to the target Wi-Fi network is made automatically through the product installed on the device and can't be forced manually via device settings.
Step-by-step description
The following scenario demonstrates the correct way to connect the device to a Wi-Fi network, as well as what behavi
Information in this article can be used when there are disk space limitations imposed on the folders used by KESL:
/var/opt/kaspersky - default KESL installation folder
/tmp - default folder used to store temporary files during the scan
/var/opt/kaspersky
To move files located in this directory you can create a symbolic link to another folder before installation. Use the following steps:
Before installing KESL:
This instruction is relevant only in case of troubleshooting incorrect loading or rendering of a web page.
In order to troubleshoot issues KES network traffic related issues traffic dump is required. It is easier to analyze and does not require third-party software installation.
If reproduction of the issue requires the web browser to open web pages(such as web control non-working as expected, web page not loading, and so on), the tests should be performed in Incognito mod
Step-by-step guide
You need a Mac device to collect iOS device log via Apple Configurator.
Download Apple configurator via App Store.
Run Apple Configurator.
Connect your iOS device.
Unlock the device and tap Trust.
Open the iOS device → Console.
Reproduce the issue.
Save the log in Apple configurator.
Try to save the log as soon as possible after you reproduce the issue, because the log is constantly being overwritten.
