Lee Ogley

Thanks for the update. Have just tested the application again, and it’s all working now. Not changed anything our side, so it must be an update or something Kaspersky have done. Again thanks.

Thanks

No, the executable files is empty. Have tried a couple of wildcards such as ‘*’, but nothing lists. Other properties such as Application Registry and Hardware Registry ARE populated. Not sure what you mean by ‘Could you please post the whole message above?’ Screen of Application section below:-

The reporting is showing the exact .exe that I should have unblocked as shown the in the previous screenshots:- Appreciate all the help, as you can imagine this is very frustrating. Thanks Lee.

I’ve tried that, but whatever I put in the Application (by Mask) field, nothing appears in the list when clicking [Refresh]. Tried softphone.exe, *softphone*, *, explorer*…..nothing appears

I wasn’t too sure about that, so in the Trusted Applications tab I have two entries. One for the folder and a second one for the executable. I’m doing all this within KSC, and then clicking Force Synchronisation on a test machine where I’m trying to test the Softphone, so it picks up the new updated Policy.

Think everything is setup correctly. Application monitor just shows the one application. It is quiet a small application and self contained. Screen shots below :

Yes added to the 2nd tab (Policy\General Settings\Exclusions\Trusted Zone\Trusted Applications). The application SoftPhone.exe is very small and self contained. Within Task Manager and also Kaspersky Report bit show the actual executable name (softphone.exe) Thanks Lee

We have an softphone application (C:\Program Files (x86)\SoftPhone\SoftPhone.exe) that is getting blocked by Kaspersky. We are currently using Kaspersky Security Centre 12 and Endpoint 11.06. If I kill Endpoint on a PC, the softphone works fine. With Endpoint running we can’t make calls. Looking at the Endpoint Reports, under Host Intrusion Prevention it shows it being blocked with event ‘Application is not allowed to receive audio stream’, lower down shows the application has been added to the restricted group. Within Security Centre I’ve gone to [Policy\General Settings\Exclusions\] and added the application to the ‘Scan exclusions and trusted Applications’ section. After force synchronisation with Policy no change and still not working. I then, within SC went into [Policy\Advanced Threat Protection\Host Intrusion Prevention], here within the Protected Resource tab, I clicked the [Exclusions] button and added the app here. After Policy Synchronisation, we still have the same issue. I’m at a loss of what to try next. I did try the ‘Add Application(s) to Trust Group’ within the Application Rights tab, but whatever I put in there I can’t get it to list anything. Would really appreciate any help Thanks Lee.

I can see how to change the policy to be able to pause protection on Endpoint Security, but am unable to find a similar option for Kaspersky Security 11 for Windows Server. I am having issues with Windows Update not installing on our Windows 2016 servers. To rule out the antivirus I am wanting to pause protection, but cannot find how to to it. Any advise would be appreciated. Moderator: Moved to the correct forum, is not Kaspersky Antivirus Forum (home product).

I have a machine that is reporting Malicious Object Detected ever few minutes, but from the messages, I can’t work out what I need to delete to fix the issue. I’m getting two messages every 3-4 minutes :- Object Download was blocked Application: Microsoft Outlook User: dawn.haddington (Active user) Component: Web Threat Protection Result: Blocked: HEUR:Trojan.Script.Generic Object: https://xxxx-exch2016.xxxx.local/mapi/emsmdb/?MailboxId=bbc6b0c8-db53-462c-b728-c8c607b55d04@xxxx.co.uk//2462032625.xls//????11 Database release date: 29/09/2020 06:36:00 Hash: 8dd82588e312664b72bef419a7a12f856ab9159e5340391f88ed9331390e2b64 Malicious Object Detected Application: Microsoft Outlook User: dawn.haddington (Active user) Component: Web Threat Protection Result: Detected: HEUR:Trojan.Script.Generic Object: https://xxxx-exch2016.uksm.local/mapi/emsmdb/?MailboxId=bbc6b0c8-db53-462c-b728-c8c607b55d04@xxxx.co.uk//2462032625.xls//????11 Reason: Expert analysis Database release date: 29/09/2020 06:36:00 Hash: 8dd82588e312664b72bef419a7a12f856ab9159e5340391f88ed9331390e2b64 The environment is Outlook 2016 connected to on-premise Exchange 2016. New to Kaspersky, and just want to clean the machine and stop the repeated messages. Any help would be aprreciated. Thanks Lee.

We have just purchase Kaspersky Endpoint Protection for Business with 200 licenses. I’ve rolled the software out to about 50 clients so far. Around 10 will not update the database file. Upon checking, each affected machine is reporting that the license is missing. I then created a task to add the key to each client. Each machine reported the same error. Error Code A0430002. I then attempted to add the key locally to one machine. This was reported the same A0430002 error. Can anyone help? Thanks Lee