intrusus

Perfect @rvroege Then please mark your solution as “Best answer”. This will help out other members as well. :) Cheers, Intrusus

Hey @rvroege Just for me: Why do you use KES on your file server and not Kaspersky Security for Windows Server? Last one is also included in any KESB license. First, find out whether File Threat Protection actually slows down the computer (or a program): Find the computer that works slowly Disable the policy on it Stop (disable) File Threat Protection Check whether the computer (program) works any faster Even if programs work faster on the computer without File Threat Protection, do not leave File Threat Protection disabled. Configure exclusions for applications. Try various exclusion types: If all program files are located in a single folder, exclude the program’s folder from scanning If the program works with files in various folders or in a temporary folder, make the executable file of the program trusted Never exclude the operating system’s temporary folder from scanning. Malware is often started from it. If the program works with files in shared folders, try to disable scanning of network drives For the programs that start on the specified schedule during off business hours, pause File Threat Protection while the program runs Best regards, Intrusus

Okay, es gibt Antwort aus Moskau: Wähle bitte "Später erinnern" und beim nächsten Mal wo das Fenster erscheint, lehne es ab wenn möglich. Danach müsste es nicht mehr erscheinen. Sollte dies nicht möglich sein, gehe wie folgt vor: Schalte bitte den Kaspersky Selbstschutz aus. Öffne die Einstellungen (Zahnradsymbol) > Erweitert > Selbstschutz > Entferne hier den Haken. Bitte beende danach Kaspersky. Klicke dazu mit der rechten Maustaste einfach auf das Kaspersky-Symbol in der Taskleiste (unten rechts auf deinem Bildschirm) und wähle "Beenden". Öffne den Windows Registrierungseditor: Um den Registrierungseditor zu öffnen drücke auf Deiner Tastatur die Tastenkombination [Win] + [r] und gib anschließend "regedit" ohne Anführungszeichen ein. Bitte bestätige Deine Eingabe mit der Entertaste oder durch einen Klick auf OK. Finden den Registrierungszweig HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\AVP20.0\settings und wähle mit rechtsklick den Kaspersky_ID parameter an und klicke auf ändern. Gib dort einfach test@test.com ein, starte den Rechner neu und überprüfe, ob sich etwas geändert hat. Beste Grüße✌

Hi together - I’ve to interrupt here. Kaspersky is not a provider of VPN (Virtual Private Network) services. If access to specific websites or services is limited in the VPN service provider's region, you will not be able to access these websites and services through Kaspersky Secure Connection. Secure Connection - Application usage restriction This means, that Kaspersky does not want geoblocks to be circumvented with the help of Secure Connection, but simply wants to increase user security, e.g. by concealing the IP address, thus preventing tracking or securing surfing via public Wifi hotspots. It may be that some secure connection servers are blacklisted by Netflix & Co. Others are not. In this case, the random principle applies, with which IP you finally connect to the streaming provider. If bypassing geoblocking is still important to you, you should consider using a pure VPN provider. I personally use MullvadVPN , for example, because anonymity is extremely important to me and you can pay with cash, cryptocurrency and you don't have to provide an email address. Best regards, Intrusus

Hey @TechnicalQ sounds good, always glad if someone figures it out himself. 😎 In general please use the “adavanced desinfection” only if an active threat occurs. This feature is aimed at purging the Windows operating system of malicious programs that have already started their processes in RAM and that prevent KES from removing them by using other methods. The threat is neutralized when Advanced Disinfection technology is applied. While Advanced Disinfection is in progress, you are advised to refrain from starting new processes or editing the Windows operating system registry. After the Advanced Disinfection procedure is completed, the application restarts the protected machine. This caused your problem btw. 😉 After reboot, the program deletes malware files and starts a "lite" full scan of the protected computer. For your future & as a tip, Kaspersky teaches you to use the feature like this: Disconnect the infected device from the corporate network Disable the KSC policy locally (via right-click menu on KES-Symbol in Traybar) Open KES Settings locally Goto General Settings > Application Settings > Select checkbox “Enable Advanced Disinfection technology” Run a virus scan task locally Restart the computer, connect it to the internet again (maybe outside the windows network, so put in some kind of protected VLAN) Scan the whole computer again Cheers Mate, Leon

Hi @ramrod, kleines Update. Mein Ticket wurde an die Devs in Moskau weitergeleitet. Evtl. trägst Du durch dein Problem zum nächsten Update der KIS bei. ;) Sehr geehrter Herr [...], Vielen Dank dass Sie sich an den technischen Support von Kaspersky gewandt haben und für die gesandten Daten. Wir haben diese an unsere Produktentwicklung in Moskau weitergeleitet. Ihre Anfrage wird nun bearbeitet. Bitte warten Sie auf unsere Antwort. Sobald ich mehr weiß, gebe ich Bescheid.

Der einfachste Weg wäre über die Firewall deines Unternehmens. Ich weiß nicht, was du für einen Vendor einsetzt, bei Sophos XG reicht es aus, eine URL-Gruppe mit Youtube-URLs anzulegen und diese der Web Filter Policy hinzuzufügen. Auf Endpoint Basis werden, wie @alexcad schon in seinem Post schreibt, weitere Angaben benötigt.

Hi @TechnicalQ the “run missed tasks” option determines the behavior of a task if a client device is not visible on the network when the task is about to start. If this option is enabled, the system attempts to start the task the next time the Kaspersky Lab application is run on the client device: If the task schedule is Manually - it’s run Once, If the task schedule is Immediately: the task is started immediately after the device becomes visible on the network or immediately after the device is included in the task scope. You may want to disable this option for a resource-consuming task that you want to run only outside of business hours. What are the event logs of the specific client devices are saying? Check out the events in the client or administration server reports, please. Cheers, Leon

Okay, das wusste ich nicht. Bin mal gespannt, ob ich die gleiche Antwort bekomme ^^ Bedeutet, du hast nicht wirklich eine zufriedenstellende Antwort bekommen und das Problem besteht weiterhin?

Hi @ramrod Soweit ich weiß, ist dies aktuell nicht möglich. Sicherheitshalber habe ich einen Incident bei MyKaspersky für dich eröffnet und halte dich hier up2date (INC000011355540). Liebe Grüße, Intrusus

@mountaindancer das freut mich! Markiere bitte den entsprechenden Post als “Best Answer”, dann gilt der Thread als closed und andere Nutzer sehen direkt die Lösung 😉

Hi, I want to get knowledge about the future of the KSWS product. Is there a new version planned here (KSWS 11) and if so, will it or also KSWS 10.x be integrated into KSC 12 and KSC CloudConsole? In general we only use KSWS (and not KES) for server protection and we have many customers who also use this protection. Since many of them are migrating to cloud management and KSWS support is neither available for the current WebConsole nor announced for the new Kaspersky Security Center, I wanted to find out about the future of the product. If it is not yet officially allowed to publish information about it, that is okay and understandable. I just have to say that as partner we have to focus on vendors who also offer cloud based server security. KES sometimes does not fulfill the requirements of customers as KSWS does. If any other partner knows more than I do, please let me know. Also officials from Kaspersky Lab are pleased to join the conversation here 😌 Cheers✌

Hi @mountaindancer Sofern Du noch Student bis, verifiziere dich einfach erneut unter https://verify-service.com/kasperskylab/de/verify.html. Ansonsten musst du entweder auf ein gutes Angebot (z.B. Amazon) hoffen, oder in den sauren Apfel beißen. 😁 Grüße

Don’t know if you have meant this but also check out the Moving rules at Device Discovery… sometimes you forget that there are some rules with the option “Rule works permanently” checked and “Move only devices that do not belong to an administration group” unchecked.

Hi @remkovdhoef I think you’ve met all software requirements in advance? Installation of gcc, binutils, glibc, glibc-devel, make, ld, rpcbind Perl interpreter: version 5.10 or higher Cheers, Intrusus

Hey @richbuff Exactly, for me it's especially about KSN for my KESB customers and the KES Cloud Plus services. But I think that all Kaspersky online services should really be displayed there, just for documentation and transparency purposes. I'll open the whole thing again as a ticket and post the INC here. Thanks in any case for your answer :) Update: Ticket opened - INC000011352366

Hey Kaspersky Lab, maybe there is such a thing, but I'm not aware of it: It would be nice if there was some sort of status page for all important Kaspersky services. This would help with troubleshooting, for example, if the KSC shows the KSN as unavailable or if there are problems downloading updates. I know you have set up a redundant network for all kind of services and often the problem relies on the customers network, but an overview of the status of your most important cloud and update services would be really nice. Maybe it’s possible to develop something like statuscast.com/ where also some history-data will be provided. Also KES Cloud Services could then be displayed. If something like that already exists, a link would be very helpful in response. 😄 Thanks! P.S. Sorry for the wrong subject, but there was no kind of “Product Ideas” Sub forum when creating this thread :/

@Cal Edit: Just realized that you’re using Kaspersky Internet Security for Mac, aren’t you? 😅 I thought about Kaspersky Endpoint Security for Mac, so indeed contact support at my.kaspersky.com please. 😉 Cheers✌

That sounds weird. What you can try as a workaround is to add the described tools to the Trusted Zone. In the menu bar, click the application icon and choose Preferences. The application preferences window opens. On the Threats tab, in the Exclusions section, click Trusted Zone. The Trusted Zone preferences window opens. On the Trusted files and folders tab, edit the list of trusted files and folders: To add a file or folder to the list: Click the + Icon. A dialog where you can select a file or folder opens. Select a file or folder that you want to add. Click Open. Click OK. You should open a support case and describe your problem in detail at my.kaspersky.com Cheers, Leon

Hey @rjohnen, Danke für deinen Workaround - sorry für die verspätete Antwort :D War lange nicht aktiv da ich aktuell an meiner Bachelor-Thesis sitze, werde es dann die Tage versuchen.

Hi @daru If you expect professional support, open a support ticket at your Kaspersky partner or at Kaspersky itself. In this community, technical professionals from the community and also from Kaspersky itself are available to you on a voluntary basis. If you need help very fast, this is the wrong place. Regarding your Problem: If you manage less than 5000 devices and your SQL Server does not contain any other applications or databases, switch to MSSQL 2017 Express and uninstall MSSQL 2016. Install the MSSQL Server on the same server as the KSC to avoid access problems. Also use the same installation language of MSSQL like KSC (e.g. english and english), this sometimes helps out. Also use Windows authentication in the installer. SQL Server authentication is disabled by default with MSSQL and should not normally be used due security reasons. To find the necessary instance in the network, click the button Browse. If it does not show, make sure that SQL Server Browser service is running on the SQL server. It could be disabled by default. The installer also needs the permission to create a database. The Administration Server will need the write and read permissions for the database. If the Microsoft Windows Authentication Mode is selected, the installer connects to the SQL server under the current Windows user account you are logged in with. Meanwhile, the Administration Server will connect to the database under the account of its service: KL-AK-<*> by default, or the one selected by the administrator at a previous step. The current user must have the right to create a database on the SQL server. Use a system or domain administrator to install SQL Server and KSC. If the SQL server instance is located on another computer, make sure that SQL server allows remote connections, and that ports are not blocked by the firewall. Cheers, Leon

Hey zusammen, soeben habe ich Antwort erhalten - vielleicht gibt das ja Tiranon und anderen ein bisschen Aufklärung: Was genau die einzelnen Dateien jetzt bewirken oder verändern, ist jetzt nicht weiter bekannt, es wurden aber auf jeden Fall neben Virensignaturen auch Programm-Module aktualisiert. Liebe Grüße Leon

If the automatic update task of Kaspersky products does not work properly, the official solution is to reinstall the product. Download the latest version of the application. Uninstall the current version of the application. Install the latest version of the application. If the issue persists, submit a request to Kaspersky Lab technical support via the My Kaspersky portal. Please include a detailed description of the issue. Kind regards, Leon

Hallo zusammen, wenn ich wie folgt PSExec als "External Tool" konfiguriere, öffnet sich kurz die cmd und schließt sich daraufhin wieder. Was muss ich ändern? Liebe Grüße Leon

Hello and welcome, you can submit your code to Kaspersky through the whitelist program, which allows you to proactively combat false positives in all Kaspersky products. Find out more and register for the whitelist program here. It is completely free, but there are the following requirements for your company: You must have a working website. You website must contain company’s legal address. Your software and its website must not promote religious, political, or pseudo-scientific ideas. Your software must not replicate third-party products interface or standard operating system messages. Your software must not display fake messages allegedly provided by a third party. Every web site and software control icon and its title must unambiguously signify the associated action. Your software must not advertise or promote third-party software or web resources, unless they are used as a launch platform (like Steam or Origin). Software code or configuration files (including downloads) must not contain malicious functions or resources hosting Potentially Unwanted Programs (PuP). Digital signature (if Company has one) must not be used by other vendors and/or compromised (there must be no registered cases of the signature having been used by malware or PuP). Your software may also not be used to remotely access the computer without the user's consent or notice. Good luck & kind regards Leon P.S. You can also upload your .exe to VirusDesk and report it as false/positive. Remember, however, that future products of your company, or even changed code, can be detected as false/positive by Kaspersky's products through updates and that a new upload may be necessary.