Jump to content
Kaspersky Support Forum

About this blog

Entries in this blog

Known Problem

Anti-Cryptor doesn't start on OS boot [KES for Linux]

Problem Sometimes Anti-Cryptor task in KESL won't be able to launch after the OS is started. This may happen because Anti-Cryptor needs all the protected network resources to be up before KESL service is started. In other words, Samba or NFS services should be started before KESL service.  Solution To resolve this problem you need to make sure that services start in the correct order. For Systemd systems: 1. Create a file /etc/systemd/system/kesl.service.d/override.conf
svc_kms

svc_kms in Known Problem

0
Known Problem

Why are not all browser extensions blocked by Application Control? [KES for Windows]

The Application Control component has a category called Browser extensions. There is a known limitation for it in Chrome. If an extension runs in an already running Chrome process (many of them run as newly started Chrome processes, especially for extension reasons), it cannot be blocked because it is not a newly started process and the extension itself is not an executable. It requires an .exe file to load. An extension that is already running cannot be blocked by application control (it h
svc_kms

svc_kms in Known Problem

0
Known Problem

KES for Windows 12: printing order is much slower when Device Control component is running [KES for Windows]

Problem Description, Symptoms & Impact In KES 12.0, the way Device Control component works has been changed. See changelog: https://support.kaspersky.com/help/KESWin/12.0/en-US/127969.htm Due to these changes, you may notice that printing order becomes slow after you have upgraded KES to version 12.0 or higher. This delay may be around 30-60s or even 10-15 minutes. When you disable KES, it becomes instant. In some exceptional cases, the delay may be so big that it's impossible to p
svc_kms

svc_kms in Known Problem

0
Known Problem

KESL rejects connection from kesl-control, gui or nagent due to non-root write permissions [KES for Linux]

Problem There are several problems with similar causes: 1) KESL postinstall script produces error. Warning: Failed to set up KSN 2) KESL is installed and running. However, the kesl-control command outputs something like that: kesl-control --app-info Connection refused. Invalid user permissions for /var. Only root user should have write access to this path. kesl-control --app-info Could not connect to Kaspersky Endpoint Security 11.2.2 for Linux
svc_kms

svc_kms in Known Problem

0
Known Problem

Report Folder consumes disk space more than 1 GB [Kaspersky Security for Windows Server]

Environment/Preconditions KSC - 12 KSWS - 11.0.1.897 You may find a massive increase in disk usage from the folder report under the Kaspersky folder. The size of the report folder will increase from around 2GB to 12GB, the files in the report folder have random name (like 340a13d9-2a50-4c4e-94d6-82a79d80da4b), which rapidly grows and consumes disk space. The file can be deleted to resolve the disk space full issue, which itself can cause many issues (can't log in to the server, KS
svc_kms

svc_kms in Known Problem

0
Known Problem

KSWS Console removal fails with error 1336 [Kaspersky Security for Windows Server]

While removing Kaspersky Security for Windows Server Console removal log may contain a message: Error 1336. There was an error creating a temporary file that is needed to complete this installation. Folder: C:\Program Files (x86)\Common Files\Kaspersky Lab\Kaspersky Security for Windows Server\. System error code: 5 And if you launch removal process using an appwiz.cpl a popup will be displayed stating :  “There was an error creating a temporary file that is needed to complete
svc_kms

svc_kms in Known Problem

0
Known Problem

Info about KES in registry [KES for Windows]

How to check if KES is installed, its state (running or not) and bases version via registry: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\Components\34\1103\1.0.0.0\Statistics\AVState   More information about these registry keys is available in Online Help: https://support.kaspersky.com/ksc14/3644. Obtaining information from the registry is for familiarization purposes only. KESCLI commands method supported by developers: Managing the application from the command
svc_kms

svc_kms in Known Problem

0
Known Problem

HIKVision video monitoring does not work with Web Threat Protection and Web Control enabled [KES for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows)   Problem 3d party video monitoring solution from HIKVision and KES 11.3 or more recent version, up to 12.0 When you open the URL of video web server, for example, http://172.17.64.5/ the error Playback interrupted occurs. The problem occurs because video software does not comply with HTTP RFC.  Use
svc_kms

svc_kms in Known Problem

0
Known Problem

Application startup control rules based on the file's metadata [KES for Windows]

Problem Application category based on the "Metadata" conditions created, but does not work. Solution This is expected behavior, in case the file does not have a digital signature, that can be trusted by local KES on the host in question, or is not known in KSN. Use sigcheck tool to see if the file has a valid digital signature – https://technet.microsoft.com/ru-ru/sysinternals/bb897441.aspx  Use other criteria, to determine the category (for example file hash).
svc_kms

svc_kms in Known Problem

0
Known Problem

Information on Trojan.Multi.Accesstr detection [KES for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows)   Trojan.Multi.Accesstr detection is triggered when KES detects that one of Windows utilities in %systemroot%\system32 folder is replaced by cmd.exe or powershell.exe. Please see below for a list of affected files with exact detection names. Detection event looks like this:
svc_kms

svc_kms in Known Problem

0
Known Problem

About Disk I/O usage optimization option [Kaspersky Security for Windows Server]

In KSWS/KESS/KICS there is an option in update task to Lower the load on the disk I/O. It is important to understand that when this option is enabled the task does not use HDD resources at all. Updater will not only place current updates to RAM. Update temp and cache files will also be placed there. Incorrect expectation: The task uses dedicated amount of RAM, in case if dedicated RAM is not enough for all update files including temp and cache task will continues through HDD. Actu
svc_kms

svc_kms in Known Problem

0
Known Problem

Tray icon appears twice or does not appear at all [KES for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows) This problem has been observed in KES 11.5, but may apply to other versions as well. Problem Sometimes the KES tray icon behaves unexpectedly: it appears twice or does not appear at all (the icon next to the Windows clock). Solution Reset the tray icons: Open regedit; Go to HKEY
svc_kms

svc_kms in Known Problem

0
Known Problem

kesl-supervisor.service: Control process exited, code=exited status=203 [KES for Linux]

Description After successful installation kesl-supervisor.service may refuse to start with the following error: kesl-supervisor.service: Control process exited, code=exited status=203 journalctl -xe command provide more information related this error ***** kesl-supervisor.service: Failed to execute command: Permission denied kesl-supervisor.service: Failed at step EXEC spawning /var/opt/kaspersky/kesl/install-current/etc/init.d/kesl-supervisor: 
svc_kms

svc_kms in Known Problem

0
Known Problem

About Disk I/O usage optimization option [Kaspersky Security for Windows Server]

In KSWS/KESS/KICS there is an option in update task to Lower the load on the disk I/O. It is important to understand that when this option is enabled the task does not use HDD resources at all. Updater will not only place current updates to RAM. Update temp and cache files will also be placed there. Incorrect expectation: The task uses dedicated amount of RAM, in case if dedicated RAM is not enough for all update files including temp and cache task will continues through HDD. Actu
svc_kms

svc_kms in Known Problem

0
Known Problem

KSWS spawns a lot of PR*.tmp files [Kaspersky Security for Windows Server]

Problem You might notice that large files named like PR*.tmp appear in C:\Windows\Temp. Cause This is known and expected behavior. When the product scans an object it creates a temporary copy, names it like PR*.tmp and places it in the temp folder.Once the scan is complete, this temporary file gets deleted. Large PR*.tmp files mean that some large objects are scanned by OAS (On-Access Scan) or ODS (On-Demand Scan). Solution In some cases there might be not enough sp
svc_kms

svc_kms in Known Problem

0
Known Problem

SSH certificate import error during the "Install application remotely" task in KSC [KES for Linux]

Problem The "Install application remotely" task wizard presents an option to specify an SSH certificate as account credentials, if Linux package is selected for installation.  The wizard does not accept certain certificates and fails to provide informative error messages why this happens. Examples: Failed to upload the certificate. Failed to import the private key of the certificate. Root cause KSC 13.2 only accepts PEM certificates, they start with
svc_kms

svc_kms in Known Problem

0
Known Problem

Licensing and FDE functionality [KES for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows)   There are two real-world scenarios related to KES FDE encryption and licensing that often result in unexpected behavior of encrypted devices: FDE encryption is used with the Advanced license and later replaced with the Select license (or any other license without encryption). Encryption license is expir
svc_kms

svc_kms in Known Problem

0
Known Problem

Trusted Applications [KES for Mac]

The KESMac 12 and the KESMac 11.3 patch C allows adding particular processes into the trusted section named Trusted Applications. The both filesystem and network activity of which can be ignored by the product increasing performance. Please, however, note that this could be potentially risky.  https://support.kaspersky.com/KESMac/11.3_adminguide/en-US/194142.htm Problem This article will describe a few ways to configure KES for Mac to exclude some of the software from th
svc_kms

svc_kms in Known Problem

0
Known Problem

KES for Windows on KES Cloud installation fails with '(1187/0x0 ("Bad parameter "VerifyCertDate"")' [KES for Windows]

Problem Description, Symptoms & Impact Local installation from a standalone package fails Diagnostics Check installation logs of the product. We are looking for the following string: 09.02.2022 17:06:19.453 00000374.000028B4 L1  KLSTD: #1, Error was caught in KLERR_throwError, c:\a\b\a_6vlf7p9h\s\csadminkit\development2\klri\pkginst\klpkinst.cpp@1061. Error params: (1187/0x0 ("Bad parameter "VerifyCertDate""), "KLSTD", c:\a\b\a_6vlf7p9h\s\csadminkit\development2\klri\pkgi
Stan Shpatar

Stan Shpatar in Known Problem

0
Known Problem

Linux programs remote execution using "Install application remotely" task in KSC [KES for Linux]

This only applies to KSC 14.2 and below Problem Remote installation tasks finishes with uninformative errors: Setup process error: Unknown error. (126) Setup process error: Unknown error. (2) Solution 1. Create 3rd party installation package (Create installation package -> Create an installation package for the specified executable file.) 2. Specify executable file, for example script.sh 3. Locate this package folder in KSC storage, by default %ProgramD
svc_kms

svc_kms in Known Problem

0
Known Problem

BitLocker management [KES for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. What is the role of Kaspersky in BitLocker encryption process ? Basically, KES BitLocker management is a COM object that is registered in the system and changes the BitLocker component settings in accordance to the settings that are specified in the KES policy. Afterwards it stores the recovery data received from BitLocker component on the KSC side. Also, it provides error-reporting and verifies that th
svc_kms

svc_kms in Known Problem

0
Known Problem

Task's stop settings are not available in KSWS database update and scan tasks [Kaspersky Security for Windows Server]

Consider the following scenario: Open update or scan KSWS task.  Go to Schedule->Advanced→Task stop settings: Solution Task's stop settings are greyed out and cannot be changed. This is by design behaviour: Task stop settings can be changed only for real-time tasks  - Real-Time File Protection and Script Monitoring. These tasks can be configured in KSWS policy to pause the execution at certain time not to interfere with 3d apps or speed up heav
svc_kms

svc_kms in Known Problem

0
Known Problem

Why doesn't KES work in Safe Mode? [KES for Windows]

This behavior is expected. We have no control over a system booting in Safe mode, because Safe mode is a special boot mode for OS diagnostics and repair. It is not possible to enable KES booting when Safe mode is running. However, booting in Safe mode can be disabled using GPOs or the local registry. It can be done by a local administrator. One of the ways to disable Safe Mode is described here.
svc_kms

svc_kms in Known Problem

0


×
×
  • Create New...