Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
You need a Mac device with macOS 14+ to supervise iOS device log via Apple Configurator
Your iOS device will be reset to factory settings during supervising
Download Apple configurator via App Store.
Run Apple Configurator.
Connect your iOS device.
Unlock the device and tap Trust.
Select your device and click on the Prepare button
Step-by-step guide
You need a Mac device to collect iOS device log via Apple Configurator.
Download Apple configurator via App Store.
Run Apple Configurator.
Connect your iOS device.
Unlock the device and tap Trust.
Open the iOS device → Console.
Reproduce the issue.
Save the log in Apple configurator.
Try to save the log as soon as possible after you reproduce the issue, because the log is constantly being overwritten.
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
If you are willing to uninstall KES with msiexec (msiexec.exe /x {PRODUCT_CODE/GUID}) then product code/GUID is something you are probably looking for. Here they are:
KES product codes
Product name
Product code/GUID
FS6
{1B419
Advice and Solutions (Community Knowledgebase) Disclaimer. Read before using materials.
In case you want to skip automatic uninstallation of a specific software, but do not want to disable incompatible software check completely, you may edit cleaner.cab.
Step-by-step guide
Download full KES distributive
Start it and make sure all files were unpacked
Navigate to the directory you unpacked kes_win.msi to
Find cleaner.cab in case of KES11.9 and older version
Description and cautions
The original scenario located on the page https://support.kaspersky.com/kes11mac/diagnostics/15299, requires a lot of efforts and manual manipulations.
I am offering a bit easier and time-saving approach doing the same.
Details
All the commands from the original document are saved here, but placed together and being run one after another consequently; the old product logs are also wiped up in order to avoid mess:
Login under root:
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
You may come across an occasion when instead of an internal webpage you will have a warning message in a browser if you have Scan encrypted connections option enabled.
You should not blindly add certificates to a Trusted Root Certification Authorities storage just to remove a legitimate warning. Doing so ma
Intro
This instruction describes how to create an installation package (.pkg) for the MacOS operating system from the standalone installation package of Kaspersky Endpoint Security for Mac.
You may need to create such a package to automate the installation of Kaspersky Endpoint Security software via third-party systems (e.g. AirWatch).
Details
Files
Munki tool (with predefined files)
Prerequisites
Kaspersky Security Center
MacOS machine
Python
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Outlook add-in failure may be related to a KES upgrade.
Step-by-step guide
As the first step to quickly fix majority of the issues with Outlook add-in, unregister it and register again. Here is how to do it properly:
Close Outlook if opened.
Execute
There are 2 methods of installing iOS MDM on the user's device:
Via AppStore (iTunes Store);
Via Manifest URL (with manual placement of the package).
How to install via AppStore
Installation via AppStore involves a special key named App ID.
This process is fully automatic and requires no actions from the KSC administrator. In KSC, you need to specify the application name (this name will be used in KSC event log) and the application ID.
The applica
Advice and Solutions (Community Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Description
FDE precheck is a utility used for advanced Full Disk Encryption compatibility testing. It contains latest drivers which will be implemented in future KES releases. FDE precheck also collects diagnostic data used to fix compatibility issues. Inability to use laptop keyboard and\or touch-pad is one of the
If you want to store FDE encryption keys in Active Directory, this is possible if BitLocker encryption is used.
In order to transfer and store the recovery passwords (keys) in Active Directory, it is necessary to:
1. Enable the “Choose how BitLocker-protected operating system drives can be recovered” group policy https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-rec1 for target computers and configure saving BitLoc
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Testing Network Threat Protection (NTP, Network Attack Blocker or NAB) may appear tricky, as it is finely tuned to specific attacks only. During past years many detections were modified or removed to prevent major false detections. It is necessary to understand that NTP is not intended to prevent the following types of attac
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
The complete encryption procedure is as follows:
1. During authentication, a private key is generated based on the username and password
2. The private key is used to decrypt the user’s storage and extract the primary key
3. The primary key is checked against the identifier specified in the file hea
Information in this article can be used when there are disk space limitations imposed on the folders used by KESL:
/var/opt/kaspersky - default KESL installation folder
/tmp - default folder used to store temporary files during the scan
/var/opt/kaspersky
To move files located in this directory you can create a symbolic link to another folder before installation. Use the following steps:
Before installing KESL:
KSWS/KESS use * as a wildcard character. There are multiple ways to use it.
Examples
Masks without paths
*.exe - all files with extension *.exe
test - all files with name test
Masks with absolute paths
C:\dir\*.* - all files in folder C:\dir\ and its subfolders
C:\dir\*.exe - all files with mask *.exe in folder C:\dir\ and its subfolders
C:\dir\test - all files named test in folder C:\dir\ and its subfolders
C:\dir\ - all files in fold
Sometimes you may need to add a particular site\domain to an exclusions list of Traffic Security.
Unfortunately, at current moment KSWS console allows us to make exclusions ONLY for Ports, IP-addresses, and Processes:
But we have ability to make site and domain exclusions for Traffic Security via registry workaround.
To implement workaround, we need to create and fill following REG_MULTI_SZ key:
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\WSEE\11.0\Env
Problem
KSC and KS4Android are implemented but KSC is offline and could not access Internet. KUU can be used for updating KS for Android and distribute the update databases. But after running KUU (Kaspersky Update Utility), you cannot find actual KES for Android versions.
Solution
AV bases for new KESM versions will appear in KUU UI after running KUU with empty application list.
The KUU settings should look like the following (in order to update the list of supported applic
Description
As part of proactive security, you may wish to add sha256 to block the execution of application or malicious applications without having the original source files.
This article explains how to perform this action.
How To
Create a text file containing the sha256 you want to block.
Use the AppRulesGenerator.exe app to generate an xml file:
Import the generated .xml file into the KSWS policy:
This instruction is relevant only in case of troubleshooting incorrect loading or rendering of a web page.
In order to troubleshoot issues KES network traffic related issues traffic dump is required. It is easier to analyze and does not require third-party software installation.
If reproduction of the issue requires the web browser to open web pages(such as web control non-working as expected, web page not loading, and so on), the tests should be performed in Incognito mod
To check Block action:
Specify Block actions for all rules in the group Activity of script engines and frameworks.
Extract files from the archive and start the scripts. All scripts should be blocked, popup about it should be shown.
There will be new records about blockings in the local report, events and AAC report in KSC console.
To check Smart action:
Host where KES is installed is under the policy applied. Specify Smart mode for all rules in the group Activi
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
There are multiple settings in both KES and KSC that allow to set notifications about various events. This article is based on example of setting complaint notification (message send to administrator if the users considers the blocking of the page to be mistaken).
Let's review three main scenarios, when KES is connected to KSC (either constantly or intermittently) and when it is not connected.
KES
Step-by-step guide
Open KSWS policy
Navigate to "User rights" section
Under "Configure application management section" press "Settings" button
In the "Permissions for Kaspersky Security" window press "Advanced" button
Select necessary user or group -> press "Edit" button -> press "Show advanced permissions"
In the "Permissions Entry for Kaspersky Security" window unselect "Uninstall Kaspersky Security", make sure that Type is set to "Allow"
Problem
Some devices do not have keyboards, but still are detected with BadUSB.
Step-by-step guide
In order to allow them work properly use BadUSB on-screen keyboard, using other onscreen keyboards or physical ones is not recommended.
To open BadUSB on-screen keyboard click on the highlighted text (example for Russian localization).
Note that Prohibit use of On-Screen Keyboard for authorization of USB devices option should be turned off.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
These logs are needed only in specific cases, to save time and effort do not collect these logs unless explicitly requested.
Behaviour Stream Signatures or BSS is a major part of System Watcher. Sometimes its logs are required to diagnose the issue.
Step-by-step guide
BSS log collecting is started via bases, so when you activate logging via the avp.com command, it will re
Step-by-step guide
Open Outlook.
Go to File → Options → Add-ins.
Check add-in options for the KES plugin.
Make sure that scan on receive and scan on send are enabled.
If problem persists, enable KES tracing.
Restart Outlook.
Send e-mail with infected .doc file.
Send another e-mail with EICAR.
Stop traces and send them to the Kaspersky support for further analysis.
