This only applies to KSC 14.2 and below
Problem
Remote installation tasks finishes with uninformative errors:
Setup process error: Unknown error. (126)
Setup process error: Unknown error. (2)
Solution
1. Create 3rd party installation package (Create installation package -> Create an installation package for the specified executable file.)
2. Specify executable file, for example script.sh
3. Locate this package folder in KSC storage, by default %ProgramD
Problem
Sometimes Anti-Cryptor task in KESL won't be able to launch after the OS is started. This may happen because Anti-Cryptor needs all the protected network resources to be up before KESL service is started. In other words, Samba or NFS services should be started before KESL service.
Solution
To resolve this problem you need to make sure that services start in the correct order.
For Systemd systems:
1. Create a file /etc/systemd/system/kesl.service.d/override.conf
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
Same info can be found here: https://support.kaspersky.com/16010
Starting from version 11.5, some file versions, registry and file system paths may differ from the release version and refer to the product line version.
Release full build version
Product line version
GUID
1
Product version/Environment
KSWS 10.1/11.X
Windows Server Requirements for the server on which Kaspersky Security for Windows Server is deployed
Description of Error
Run installation of the application or the console with the setup file. Error "Please go to the Control Panel to install and configure system components" pops up and installation doesn't run.
Solution
Unpack the installation file and run the .msi file inside instead of the setup:
Problem
The "Install application remotely" task wizard presents an option to specify an SSH certificate as account credentials, if Linux package is selected for installation.
The wizard does not accept certain certificates and fails to provide informative error messages why this happens.
Examples:
Failed to upload the certificate.
Failed to import the private key of the certificate.
Root cause
KSC 13.2 only accepts PEM certificates, they start with
This is a workaround and should be used if you can't check it the standard way.
1. Collect GSI
2. Open this file (see screenshot) and press ctrl+f and search for the word, for example, Firewall. Immediately you'll get a line with the installed components.
In Compact Diagnostic Interface
Can be checked in "About the application" window.
In Kaspersky Security Console
Can be checked in Action -> Information about the application and available module updates...
The Application Control component has a category called Browser extensions. There is a known limitation for it in Chrome.
If an extension runs in an already running Chrome process (many of them run as newly started Chrome processes, especially for extension reasons), it cannot be blocked because it is not a newly started process and the extension itself is not an executable. It requires an .exe file to load. An extension that is already running cannot be blocked by application control (it h
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
What is the role of Kaspersky in BitLocker encryption process ?
Basically, KES BitLocker management is a COM object that is registered in the system and changes the BitLocker component settings in accordance to the settings that are specified in the KES policy. Afterwards it stores the recovery data received from BitLocker component on the KSC side. Also, it provides error-reporting and verifies that th
This behavior is expected. We have no control over a system booting in Safe mode, because Safe mode is a special boot mode for OS diagnostics and repair. It is not possible to enable KES booting when Safe mode is running.
However, booting in Safe mode can be disabled using GPOs or the local registry. It can be done by a local administrator. One of the ways to disable Safe Mode is described here.
Step-by-step guide
Open Outlook.
Go to File → Options → Add-ins.
Check add-in options for the KES plugin.
Make sure that scan on receive and scan on send are enabled.
If problem persists, enable KES tracing.
Restart Outlook.
Send e-mail with infected .doc file.
Send another e-mail with EICAR.
Stop traces and send them to the Kaspersky support for further analysis.
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Version: any KES11.* on any OS
Scenario:
The following error appears during the installation:
Error 27310. Failed to install the directory file for the digital signature
Solution:
1. Run kavremover utility as administrator.
2. Delete KES drivers (if they were not deleted by kavremover) located
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
Version: KES 11.*
Scenario:
You're unable to boot into encrypted machine after FDE applied due to some problems with preboot agent or operating system.
The the safest and one of the most trivial options to restore the data from encrypted hdd or decrypt it 'in place' is going through KES related ‘challenge-response’ procedure using another (i.e. proxy) machine with KES and FDE installed.
There are 2 methods of installing iOS MDM on the user's device:
Via AppStore (iTunes Store);
Via Manifest URL (with manual placement of the package).
How to install via AppStore
Installation via AppStore involves a special key named App ID.
This process is fully automatic and requires no actions from the KSC administrator. In KSC, you need to specify the application name (this name will be used in KSC event log) and the application ID.
The applica
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article might be useful in the following cases:
If you want to configure multi-vendor security on endpoints, keeping both Kaspersky and Microsoft technologies;
If you don't know how to properly configure a Microsoft solution after installing KES;
If you're having some issues with the product and the OS after configuring KES and Defender.
The differences between the Defender
Environment/Preconditions
KSC - 12
KSWS - 11.0.1.897
You may find a massive increase in disk usage from the folder report under the Kaspersky folder. The size of the report folder will increase from around 2GB to 12GB, the files in the report folder have random name (like 340a13d9-2a50-4c4e-94d6-82a79d80da4b), which rapidly grows and consumes disk space.
The file can be deleted to resolve the disk space full issue, which itself can cause many issues (can't log in to the server, KS
Information in this article can be used when there are disk space limitations imposed on the folders used by KESL:
/var/opt/kaspersky - default KESL installation folder
/tmp - default folder used to store temporary files during the scan
/var/opt/kaspersky
To move files located in this directory you can create a symbolic link to another folder before installation. Use the following steps:
Before installing KESL:
Consider the following scenario:
Open update or scan KSWS task.
Go to Schedule->Advanced→Task stop settings:
Solution
Task's stop settings are greyed out and cannot be changed. This is by design behaviour:
Task stop settings can be changed only for real-time tasks - Real-Time File Protection and Script Monitoring. These tasks can be configured in KSWS policy to pause the execution at certain time not to interfere with 3d apps or speed up heav
Problem
KSWS10 and KSWS11 may have two issues because of the Application Control component:
Can't uninstall KSWS with the error "There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run"
Can't run GSI with this error "Unable to unpack the critical file. GsiSharp.bin"
Solution
Disable Application Control and retry uninstallation.
Сollect GSI, if necessary.
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Problem
"Removable disk" Encryption is enabled and the policy applied to the machines, but nothing happens when the client connects USB drive.
Solution
Encryption of the removable drives supports two modes:
Encrypt entire removable drive: based on Kaspersky Full Disk Encryption (FDE), the entir
Problem
KSWS detects certain exploit or malware frequently with N/A as an action in KSC reports.
Solution
1. Download the latest patch for our product on the machine which detects the issue.
2. Download the latest Windows security updates on the machine to cover the potential vulnerabilities.
3. Make sure that the product has the latest updates from KLABs servers.
4. Check the events on the impacted server as sometimes KSC report shows "detection events" only with a
Problem
If you found out that KSWS installations are somehow corrupted, and you're not able to remove it using conventional means (using misexec and/or appwiz.cpl), please do not use kavremover and/or mszap tools. Do not attempt removing the product manually as our goal is to determine the root cause of the product moving to this inconsistent state.
Solution
Please provide Kaspersky Support with the pertinent GSI log of the affected host and KSWS msi installer logs containing all
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
This problem has been observed in KES 11.5, but may apply to other versions as well.
Problem
Sometimes the KES tray icon behaves unexpectedly: it appears twice or does not appear at all (the icon next to the Windows clock).
Solution
Reset the tray icons:
Open regedit;
Go to HKEY
Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.
This article is about Kaspersky Endpoint Security for Windows (KES for Windows)
Sometimes it is required to unregister KES from context menu of Explorer. Follow these steps:
Disable self-defense of KES;
Open CMD shell as admin;
Run commands:
regsvr32 /u C:\Program Files (x86)\Kaspersky
Problem
In some cases, it is possible to run a database upgrade task on the KSWS/KICS/KESS host, but despite the upgrade task successfully completing, the databases are still out of date.
Solution
Most probably product operates in UpdateBlackListOnly mode. This happens in cases when product is activated with activation code and is unable to reach our activation servers. Thus KSWS fails to receive/refresh activation ticket and downloads updates only for Blacklist.
Possible way
