lucr

Hi, I have the below exclusion configured in my KSWS 10 policy, to exclude the ntds.dit file from scanning: Yet, on occasion, I receive this warning by email: Event "Object not processed" occurred on device “ServerName” in Windows domain “Domain” on February 22, 2020 11:03:27 PM (GMT-05:00) Object not processed. Reason: read error. Object name: \\?\GLOBALROOT\Device\HarddiskVolume395\Windows\NTDS\ntds.dit I noticed that the above warning occurred during a backup which had started at 11PM. The backup uses VSS. I believe KSWS is scanning the VSS copy and generating the above warning. What should I do, to stop KSWS from scanning the VSS copy? Environment: KSC 11.0.0.1131 amd KSWS 10.1.2.996 Thanks.

Yes it does. When I plug the pointer's USB transceiver into the computer, another "HID Keyboard Device" entry appears under "Keyboards" in Device Manager.

Any help?

Environment: KSC 10.5.1781, KES 11.1.0.15919 We have several Logitech presentation devices in use. They are shared among users and it is rather cumbersome to have to approve them on every computer, when the "BadUSB Attack Prevention" feature attempts to verify the device (since they are detected as keyboards). We do not allow the display of the on-screen keyboard, to prevent users from authorizing an infected USB device. Is it possible to add these USB presentation devices to the "Trusted Devices" tab of the KES11 policy's Device Control section? I have tried to add, but don't see any keyboard device type. Thanks.

Hi, is someone looking at the KES.klp file?

My apologies for the delay. The file can be downloaded from OneDrive, using this link: KES.klp

My apologies. I listed KSWS instead of KES. The version of KES is 11.1.0.15919. I am trying to attach an export of my KES policy, but I don't see any option/button to attach. Do I just copy/paste to contents of the file to a reply post?

Hi, I have configured my KES policy to scan USB drives upon insertion, through: Local Tasks > Removable drives scan > Action on connection of a removable drive: Detailed Scan I also have checked the “Block the stopping of the scan task”. When I plug in a USB drive, a scan windows pops up and the drive is scanned. Although the “Stop” button is greyed out, if I click the “X” in the top right corner, I am asked “Are you sure that you want to cancel the action?”. When I click “Yes” the scanning stops. How do I block this loophole allowing the cancellation of the scan task? KSC v10.5.1781 with patch A KSWS v10.1.1.746

Thank you very much for the quick reply!

Hi, I am new to Kaspersky products and am not sure if I am posting in the proper place. I was looking for Kaspersky Forum and the account creation process sent me here (Kaspersky Community). Environment: KSC v10.5.1781 with patch A KSWS v10.1.1.746 I have deployed KES v11 with no issues on the “Real-time protection status”. All clients display as “Running”, as expected. However, after deploying KSWS 10 on 2 servers, the “Real-time protection status” on both servers displays as “Running (user-defined settings)”. As shown in the image, everything is locked. What am I missing? Thanks.