Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
You need a Mac device with macOS 14+ to supervise iOS device log via Apple Configurator
Your iOS device will be reset to factory settings during supervising
Download Apple configurator via App Store.
Run Apple Configurator.
Connect your iOS device.
Unlock the device and tap Trust.
Select your device and click on the Prepare button
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
This informational message does not mean that Self-Defense accuses any process of being under malware attack, it proactively blocks certain operations that could pose a potential threat to processes.
The number of events depends on the activity of applications that inhabit the system, especially from their periodic acti
Problem
There are several problems with similar causes:
1) KESL postinstall script produces error.
Warning: Failed to set up KSN
2) KESL is installed and running. However, the kesl-control command outputs something like that:
kesl-control --app-info
Connection refused. Invalid user permissions for /var.
Only root user should have write access to this path.
kesl-control --app-info
Could not connect to Kaspersky Endpoint Security 11.2.2 for Linux
Step-by-step guide
You need a Mac device to collect iOS device log via Apple Configurator.
Download Apple configurator via App Store.
Run Apple Configurator.
Connect your iOS device.
Unlock the device and tap Trust.
Open the iOS device → Console.
Reproduce the issue.
Save the log in Apple configurator.
Try to save the log as soon as possible after you reproduce the issue, because the log is constantly being overwritten.
Problem
kesl-control --app-info outputs the following error:
en
File Threat Protection: Unavailable due to file interceptor driver error
One of the most common root causes is Fanotify is disabled (or KESL could not access it) and kernel module compilation also failed.
A special utility can be used for this directly on the affected mac
Description
Starting from KES Windows version 12.6, it can parse third-party mail base files, but still can't re-assemble them. Malware scan tasks runs in folders where mail base files for Thunderbird or TheBat! are located and finds threats in old mail items.
Diagnostics
After choosing Resolve or setting "Disinfect, delete if disinfection fails" in the KSC task, nothing changes, and another malware scan task anyway finds the same threats.
Workaround and solution
Sinc
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
If you are willing to uninstall KES with msiexec (msiexec.exe /x {PRODUCT_CODE/GUID}) then product code/GUID is something you are probably looking for. Here they are:
KES product codes
Product name
Product code/GUID
FS6
{1B419
Intro
This instruction describes how to create an installation package (.pkg) for the MacOS operating system from the standalone installation package of Kaspersky Endpoint Security for Mac.
You may need to create such a package to automate the installation of Kaspersky Endpoint Security software via third-party systems (e.g. AirWatch).
Details
Files
Munki tool (with predefined files)
Prerequisites
Kaspersky Security Center
MacOS machine
Python
If you want to store FDE encryption keys in Active Directory, this is possible if BitLocker encryption is used.
In order to transfer and store the recovery passwords (keys) in Active Directory, it is necessary to:
1. Enable the “Choose how BitLocker-protected operating system drives can be recovered” group policy https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-rec1 for target computers and configure saving BitLoc
There are 2 methods of installing iOS MDM on the user's device:
Via AppStore (iTunes Store);
Via Manifest URL (with manual placement of the package).
How to install via AppStore
Installation via AppStore involves a special key named App ID.
This process is fully automatic and requires no actions from the KSC administrator. In KSC, you need to specify the application name (this name will be used in KSC event log) and the application ID.
The applica
Problem Description
While installing KES for Windows via KSC installation package the following error appears and interferes with installation.
Possible causes:
KES components installed already before installation.
Required driver files were not found.
Workaround & Solution
Use kavremover and reinstall KES with the latest patch.
In case kavremover will not help, please collect procmon and KES installation logs, actual GSI with e
How to check if KES is installed, its state (running or not) and bases version via registry:
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\Components\34\1103\1.0.0.0\Statistics\AVState
More information about these registry keys is available in Online Help: https://support.kaspersky.com/ksc14/3644.
Obtaining information from the registry is for familiarization purposes only. KESCLI commands method supported by developers:
Managing the application from the command
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
The complete encryption procedure is as follows:
1. During authentication, a private key is generated based on the username and password
2. The private key is used to decrypt the user’s storage and extract the primary key
3. The primary key is checked against the identifier specified in the file hea
Problem Description, Symptoms & Impact
In KES 12.0, the way Device Control component works has been changed. See changelog: https://support.kaspersky.com/help/KESWin/12.0/en-US/127969.htm
Due to these changes, you may notice that printing order becomes slow after you have upgraded KES to version 12.0 or higher. This delay may be around 30-60s or even 10-15 minutes. When you disable KES, it becomes instant. In some exceptional cases, the delay may be so big that it's impossible to p
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
You may come across an occasion when instead of an internal webpage you will have a warning message in a browser if you have Scan encrypted connections option enabled.
You should not blindly add certificates to a Trusted Root Certification Authorities storage just to remove a legitimate warning. Doing so ma
Advice and Solutions (Community Knowledgebase) Disclaimer. Read before using materials.
In case you want to skip automatic uninstallation of a specific software, but do not want to disable incompatible software check completely, you may edit cleaner.cab.
Step-by-step guide
Download full KES distributive
Start it and make sure all files were unpacked
Navigate to the directory you unpacked kes_win.msi to
Find cleaner.cab in case of KES11.9 and older version
Advice and Solutions (Community Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Description
FDE precheck is a utility used for advanced Full Disk Encryption compatibility testing. It contains latest drivers which will be implemented in future KES releases. FDE precheck also collects diagnostic data used to fix compatibility issues. Inability to use laptop keyboard and\or touch-pad is one of the
Problem
While WTP/NTP is enabled, nft utility produces errors (stderr) like
# nft list ruleset
XT target TPROXY not found
XT target TPROXY not found
XT target TPROXY not found
XT target TPROXY not found
These errors are caused by a bug in nft ut
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
Same info can be found here: https://support.kaspersky.com/16010
Starting from version 11.5, some file versions, registry and file system paths may differ from the release version and refer to the product line version.
Release full build version
Product line version
GUID
1
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
This problem has been observed in KES 11.5, but may apply to other versions as well.
Problem
Sometimes the KES tray icon behaves unexpectedly: it appears twice or does not appear at all (the icon next to the Windows clock).
Solution
Reset the tray icons:
Open regedit;
Go to HKEY
Scenario
Enable Network Threat Protection
Connect another Mac via a thunderbolt cable
Try to send any data from one computer to another
Connection times out
Workaround & Solution
Connect computers by other means or disable NTP when using Thunderbolt bridge.
RCA
This issue is caused by a bug in macOS' built-in packet filter and was reported to apple.
This article describes what is considered a Full Scan, which affects the KSC status "Virus Scan has not been performed for a long time".
Scan task area settings
There are two ways to set areas for a Scan task. Tasks started with any other settings (including Quick Scan and Critical Area Scan with default settings) will not be considered as a Full Scan.
Primary
Kernel Memory
Running processes and Startup Objects
Disk boot sectors
Local disk (logical di
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Problem
When KES installation fails with error message "Failed to access local group policy. Error 0x80004005", installation log should be checked. If it contains something similar, follow the steps below.
MSI (s) (F4:94) [11:27:28:103]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MS
KSWS/KESS use * as a wildcard character. There are multiple ways to use it.
Examples
Masks without paths
*.exe - all files with extension *.exe
test - all files with name test
Masks with absolute paths
C:\dir\*.* - all files in folder C:\dir\ and its subfolders
C:\dir\*.exe - all files with mask *.exe in folder C:\dir\ and its subfolders
C:\dir\test - all files named test in folder C:\dir\ and its subfolders
C:\dir\ - all files in fold
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
What is the role of Kaspersky in BitLocker encryption process ?
Basically, KES BitLocker management is a COM object that is registered in the system and changes the BitLocker component settings in accordance to the settings that are specified in the KES policy. Afterwards it stores the recovery data received from BitLocker component on the KSC side. Also, it provides error-reporting and verifies that th
