Search the Community

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. RDP connection invoked via KSC console uses hostname to connect to a host - mstsc.exe is invoked with /v hostname parameter. Edit command line used to invoke mstsc.exe with ip address parameter instead of the hostname: Open Custom tools → Configure custom tools Select Remote Desktop, click Modify Edit Command line text box, it should contain <host_ip> instead of <A>: /v:<host_ip>:<P> /f Disable Create tunnel for TCP port specified below checkbox Administration Console will now launch mstsc.exe with ip address as argument.

Hello @ukaszw80, Thank you for posting back & the information! You can't *make* the software English without installing a English language version, the shift+f12 is just a quick workaround, not sustainable. Uninstall the existing version, then download & install: Kaspersky Total Security for Windows® - from Kaspersky's Global website, select Global OR The European Union (if that suits your needs). IF that does not work, (your) best course of action is to contact Kaspersky Customer Service - select Email or Chat & fill in the template as in our image at the end of our reply. Because the license is from Ebay & there may be an issue - it's possible Kaspersky Customer Service may not be able to assist *but* all you can do is ask. Contact the Ebay merchant - find out why the product is not functioning in the manner you expect? 💥Just as information, the *repeated* advice provided here in the Community is: do not buy Kaspersky software from Ebay - some unscrupulous merchants sell Kaspersky licenses multiple times, knowing the license is limited or has other problems, they really don't care - they get their sale - if it turns out you've been sold a dud license - report the merchant to Ebay💥 Please share the outcome with the Community, when it's available? Thank you🙏 Flood🐳+🐋

Hey Demiad, thanks for your help with that :-) Can I launch the GUI from CLI using sudo?

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows) aescrypt.zip and TestProgExp.zip can be found here. Remote encryption test This test requires two participating workstations: an Attacker PC and a Victim PC. Behavior Detection component has to be configured on a Victim PC to detect malware activity, protect shared folders and block connections on detection of external encryption. Step-by-step guide On a Victim PC create folder with regular office-like files: *.DOC, *.DOCX, *.XLX, *.JPG Share folder on the Victim PC, ensure that the account logged on to the Attacker PC has full access to the shared folder. Map the shared folder as a network drive on the Attacker PC. Add/unpack the aescrypt.zip archive to the Attacker PC. Add contents to the list.txt file, based on the files in a mapped folder. Since the folder is mapped, paths will look like local ones, eg. Z:\Book1.xlsx. Use the contents of file example-list.txt as an example: On an Attacker PC, launch test.bat file to start encrypting files from list.txt . Behavior Detection in KES on the Victim PC will detect the attempt and will try to perform a rollback. Full access to a share on Victim PC for an Attacker PC will be blocked (if specified in KES policy). File restoring event is logged on a protected workstation Access to a folder is blocked from an attacker's point of view Local encryption test Step-by-step guide Prepare a folder with files to get encrypted, perform tests on files *.DOC, *.DOCX, *.XLX, *.JPG. Add/unpack to this folder the attached TestProgExp.zip utility. Launch TestProgExp utility to start the encryption. Files will be encrypted in a folder with test utility Allow some time for Behavior Detection in KES to detect the attempt and perform the rollback, as well as get rid of the suspicious software: Files get restored

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows) Description FDE precheck is a utility used for advanced Full Disk Encryption compatibility testing. It contains latest drivers which will be implemented in future KES releases. FDE precheck also collects diagnostic data used to fix compatibility issues. Inability to use laptop keyboard and\or touch-pad is one of the most frequently met issues. Using FDE precheck you can understand if compatibility issue was already fixed and will be included in next release or it should be addressed. You can download latest FDE precheck utility using following links: For KES 11 - https://support.kaspersky.com/14328 System requirements Single operating system should be installed on the test machine, FDE Precheck can't properly function on a host with multiple operating systems. Use administrative account to run the utility. Read before proceeding Decrypt the test host and remove Kaspersky Endpoint Security and AES module. Do a backup of the critical data on the test machine. Follow the test sequence exactly as stated below. Do not manually stop the execution of the utility. The system will automatically restart several times, it is an expected behavior. Plug in laptop. Do not run test on battery. Failure to comply with steps above may lead to unpredictable consequences. Test sequence Make sure machine decrypted does not have KES or AES module installed not running any KL drivers has no critical data plugged in Reboot. Copy and unpack fde_precheck.zip archive. Run elevated fde_precheck.exe (either by right-clicking and choosing Run as administrator or by starting it from an elevated command prompt). If the program will not find any incompatibilities the following message box will appear: Press Yes, to initiate installation of the encryption drivers and initiation of the test. Wait for the automatic reboot, then login using the administrative user as was done earlier. Press OK on the pop-up that will appear shortly after the reboot: Press Yes in the UAC window if it will appear shortly after. Wait for several minutes (up to 10-15 minutes) until next automatic reboot will occur. Do not initiate reboot manually! It will be done automatically. Manual reboot at this stage may result in corruption of the OS. All preparations are run in background, it is normal that there will be no indication of activity on the desktop. After automatic reboot you will see the preboot agent, and it will require human presence to complete those tests. If possible, record the whole process on a camera of smartphone. You will be asked to enter random keystrokes using the keyboard and mouse. In case of successful keystroke registration you will see something like that: Just follow the instructions that will appear on the screen and press "NEXT >" when done with each test. In case FDE Precheck Preboot agent will fail booting or will freeze at some point, please take photo of the error message, or record the whole process on a camera and reboot the machine if necessary. OS will boot either way. Login using the administrative account that was used earlier. At this point drivers will be removed in the background and host will be rebooted one last time automatically. Wait for several minutes (up to 10-15 minutes) until next automatic reboot will occur. Do not initiate reboot manually! It will be done automatically. Manual reboot at this stage may result in corruption of the OS. All preparations are run in background, it is normal that there will be no indication of activity on desktop. The following three files are always created. All three files are mandatory to provide for analysis. fde_precheck_report.txt fde_precheck.log (will be located in the folder with fde_precheck.exe) Description of what have happened during tests (with screenshots and video if possible).

I recentlly discovered that Microsoft OneDrive, Phone Link, Microsoft Store and Windows Update had stopped working, all claiming I was not connected to the internet. This wasn't true, as my browsers were still working. I contacted Microsoft Support who found that their Quick Assist app couldn't connect. Microsoft suggested a clean boot, and when I did this with Kaspersky Total Security V 21.3.10.391 running the problems persisted. After pausing the Kaspersky protection, all the Microsoft apps worked correctly. Searching through the Kaspersky Forum I found this thread which provided a fix by Friend https://forum.kaspersky.com/topic/ms-teams-only-works-when-i-disable-my-kaspersky-35859/ This fix solved the immediate problems, and all the Microsoft apps worked correctly with Kaspersky protection running. Reading further in the thread I found that I should have installed Kaspersky Plus to replace my Kaspersky Total Security. I have done that, and everything is working.

I have Kaspersky Premium. "Previous application launch failed". Apparently after few minutes when Windows boots, Kaspersky crashes and opens up again and displays this error. And it does the same several times again during the day. It's really annoying. I have contacted customer support and gave them all the necessary files (dump and system info files), It's been 3 weeks and I haven't heard anything back. I went so far as to fresh install the latest Windows 11 (ISO on Microsoft's website), but nothing changes. I do not have any cracked software and everything I installed are genuine and properly bought. I thought the issue may be due to system stability, so I did a memory test overnight and did some burn-in benchmarks and there are no errors. No other program on my system acts weirdly. I have also tried "Kaspersky removal tool" and did another installation of Kaspersky, but the issue persists. I am very close to uninstalling this for good, and I don't want to, I really like Kaspersky. Please help!

Adding the affected domain as trusted in web protection is a quick fix if you want to give a try.

Thanks for the quick response. I had missed the settings regarding exporting and importing the configuration. Thanks for your help.

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Description and cautions This article describes how to configure dump for capturing memory dumps, including application memory. To create a memory dump of a virtual machine: HOWTO: Get a memory dump of a virtual machine from its hypervisor. Details The recommended text editor is nano, below is a quick tutorial on how to use it if you are using it for the first time. Quick description of nano's basic functions Configure kdump Altlinux There is no kdump-tools package in the default repository, so it has to be downloaded from the sisyphus repository: Go to https://packages.altlinux.org/en/sisyphus/srpms/kdump-tools/ In List of rpms provided by this srpm select the kdump-tools package for the required architecture (can be checked by running uname -m) Download the package from the Download link Install it by running apt-get update && apt-get install <path to the downloaded rpm> After that, follow the Debian instruction from Edit /etc/default/kdump-tools step Red Hat based distributions (tested on Fedora 38, Rocky Linux 9, Red OS) Install kexec-tools sudo dnf install kexec-tools Edit /etc/kdump.conf. In the configuration file edit the core_collector setting: option -d should be set to 17 instead of 31 Edit /etc/default/grub. Edit GRUB_CMDLINE_LINUX, add crashkernel=256M to reserve enough RAM for the dump kernel to run, and nmi_watchdog=1, to capture a dump in case of a system hang Run sudo grub2-mkconfig -o /boot/grub2/grub.cfg Reboot Enable kdump service sudo systemctl enable --now kdump.service Debian based distributions (tested on Debian, Astra CE, Alt Linux) Install kdump-tools sudo apt update && sudo apt install kdump-tools -y Edit /etc/default/kdump-tools. In the configuration file edit the MAKEDUMP_ARGS variable: option -d should be set to 17 instead of 31 Configure the bootloader In /etc/default/grub edit GRUB_CMDLINE_LINUX_DEFAULT, add nmi_watchdog=1 to capture a dump in case of a system hang In /etc/default/grub.d/kdump-tools.cfg change crashkernel value to 384M-:256M (default is 384M-:128M) Expected result: GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT crashkernel=384M-:256M" Save and run sudo update-grub SUSE Linux Install kdump sudo zypper in kdump kexec-tools Edit /etc/sysconfig/kdump Change KDUMP_DUMPLEVEL variable to 17 Edit /etc/default/grub Edit GRUB_CMDLINE_LINUX_DEFAULT, add crashkernel=256M to reserve enough RAM for the dump kernel to run, and nmi_watchdog=1, to capture a dump in case of a system hang Update the bootloader configuration sudo grub2-mkconfig -o /boot/grub2/grub.cfg Reboot Enable kdump service sudo systemctl enable --now kdump.service Configure SysRq dump trigger To enable SysRq trigger, these key combinations 'kernel.sysrq = 8'(without quotes) has to be added to /etc/sysctl.conf. In SUSE the value of kernel.sysrq has to be changed in /usr/lib/sysctl.d/50-default.conf instead of /etc/sysctl.conf Reboot or run sudo sysctl --system After the set up above is complete, to manually trigger a dump press Alt+SysRq, Alt+C. Alternatively: echo 8 | sudo tee /proc/sys/kernel/sysrq (Command above is only needed if kernel.sysrq is not set in /etc/sysctl.conf) echo c | sudo tee /proc/sysrq-trigger Location of the dump files may vary between different Linux versions, it is configurable in the kdump configuration file. In Debian based distributions it is set by KDUMP_COREDIR variable. In Red Hat based distributions it is set by the path setting, generally the default location is /var/crash. Make sure that the dump folder has enough free space for the dump to be written. You may search by filemask: vmcore.

Hello DedoP, Welcome! 1. There is no interface language change Setting, (you) need to download & install - Kaspersky Plus - English version - from Kaspersky's Global website, using this link: Kaspersky Plus for Windows® 2. Please follow these images & the read the documentation: Protecting personal data on the Internet About protection of personal data on the Internet About On-Screen Keyboard How to open On-Screen Keyboard How to configure the display of the On-Screen Keyboard icon About protection of data entered on the computer keyboard How to configure protection of data entered on the computer keyboard Any questions or issues, please post back? Thank you🙏 Flood🐳+🐋

Hello, I recently replaced Kaspersky Internet Security with Plus and I'm still getting my bearings in the new application. I have 2 questions about it: 1. How can I change the interface language from what came by default from the installer? The application installed in my region's language but I prefer it to be in English. So far I can't find a setting for changing that. 2. In KIS I was able to open the On-Screen Keyboard via the application's interface - either through the main window or via the context menu after right-clicking on the tray icon. I can't find how I can do this in Plus. I'm aware there is a keyboard shortcut but sometimes I have issues with my hardware keyboard so that shortcut is not always available to me. How can I bring the virtual one up using the mouse? I'm on Windows 10, app version is 21.14.5.462. Thanks!

Thanks Elvin! 1- I created a manual task to "start application KES" and in advanced options i set up to send wake on lan packet 1 minute before. This way when I manually launch the task, KSC will turn on my computer. It's different from the old MMC console but it works. 2- I executed the command you suggest to open port on linux and connect MMC console to linux. This is a good alternative, i like to have both solutions now. Didn't ask for this but you read my mind, thanks! 👍 3- limitation of KSC on linux shouldn't be a problem, the missing feature are something we're not really using but I hope Kaspersky will push on this solution and bring all the functionality in future, nobody likes to pay a windows license to manage kaspersky when linux can do it for free. 4- the only thing still not clear is the managed devices window in KSC web console. In your screenshot, you have PM-KSC-01 in white, managed devices in white and all the subgroups in white, clickable (i think). If you look at my screenshot I have in white only KSC server, then managed devices and all the subgroups are in dark grey and i cannot click them. If I try to click on subgroups name i see the something loading for a fraction of second but nothing happen or appears. And no pages are loaded in the central frame of the website when i try to click the groups.

Hi, I have Kaspersky VPN set to split tunnelling and to only work on Firefox. That's great, it works fine. However if I try and launch warcraft the game fails to connect. Why is this? It seems to imply as if split tunnelling is applying outside of just firefox. As soon as I close the VPN wow loads fine. Wow does not care about VPNs, other VPNs work fine on it so im a bit confused.

Hello Berny. Thank you for your quick response. I'm talking about 19 malware, that were already installed in the Windows registry. This Windows 7 SP1 is old but Kaspersky is not. Latest version, updated base date. The SO being old is no excuse. If you want more details, I can provide them. Physical Memory: Memory Usage 45 % Total Physical 7.91 GB Available Physical 4.35 GB Total Virtual 16 GB Available Virtual 12 GB HDDs: Primary 440Gb, 119Gb free Secundary: 698Gb, 92Gb free

Thanks for quick support Elvin , i was using *.@mydomainname in recipient now i changed it to *@mydomainname and it worked . Thanks again

Aren't those kaspersky drivers for keyboard and mouse? Just asking cause I went through a lot of issues because of these two thugs 😆

hello kaspersky i just now installed kspsky internet security but after the installation my laptop's keyboard is not working need your help

Good day s this the working mechanism Behavior Detected and component Remidiation Engine When you launch any application, the Behavior Analysis component monitors that this application is executed, records all the actions of the program, makes backup copies of important files that the program accesses (opens, changes, etc.), while observing and analyzing the actions. if an anomaly is detected in the application’s actions (for example, encryption attempts), the application stops and all actions are opened according to the logs, and files are restored from copies by the Remidiation Engine component. create an exception for your application so that these components do not react to it (if it is indeed a legitimate application)

Your app is a disgrace Kaspersky. It has been quiet for 2 days, I thought that was it, and I was minding my own business watching a movie on amazon prime when what did I get? A big popup on the bottom right covering a quarter of the screen asking me if I wanted to install Kaspersky on my mobile. Sure, there was an option for "don't ask me this again" but I have no idea how many more different messages I am going to get before this stops happening, or if it WILL stop. I am going back to the combo of defender and Malwarebytes and getting a refund on Kaspersky for a second time. There won't be a third. I have compiled a list of grievances I have with the operation of the product, that I wanted to talk to support about, specifically how you can't enable outbound internet connection notifications without enabling the main app interaction notification which notifies you about EVERYTHING an app tries to do (launch, modify registry, access said folder, etc etc). All I want is an "this app is trying to access the internet, deny or allow" but I have to click 9 different allows just to get ONE game to run, it's crazy. So anyone who wants to keep their sanity just disables all outbound notifications. Sure you can trust an app but not even that is foolproof, I have trusted HD Sentinel 100 times and it disappears from trusted on every launch and I get registry access popups, so I just gave up and disabled those notifications. Why you don't have a "depth of notifications" and for example "alert on internet access only attempt" option, in SUCH a deep program, I have no idea. You've made the outbound notifications all but useless as it stands. And who wants to completely trust every app on their system anyway? I had been compiling all the data and how it could be made more user friendly but I don't think there's a point. At this stage the program is as bad as Mcafee and Norton in the spam department and doing the things I specifically want an AV app to NEVER do. I have no idea why someone like Kaspersky who I always trusted and respected would resort to these childish tactics, but, that's it for me. All I want to know is how to remove the program with NO trace in my registry and without messing anything up that would make me think I need to format and re install windows 11. Anyone with knowledge on that? How to truly and completely uninstall this adware? (it's adware by its very definition, as I have unticked all the notification popups and it's still behaving as adware would, as I have explained. Advertising the mobile app while I am on a PC, is adware. I took pics for proof also).

I'll try this one thanks for the quick reply

Does Kaspersky install its own mouse or keyboard drivers or change mouse/keyboard registry settings anymore? I read there were some issues regarding this in the past. And why would the software have to do any such thing? Excuse my ignorance but I’m a noob at antivirus. considering switching from Norton to Kaspersky. thank you

Hi: I have this annoying pop-up on FB that purports to be from FB itself, telling me that I am"restricted" for so many hours because I posted non-regulation whatever. One strange thing about the pop-up is it seems to start a countdown at some point, ie the number of hours you will be 'restricted start at 24 and decrease hourly. A very good friend just died yesterday while on vacation with his wife and kids, so there's a lot going on that I have to keep track of and this is making me pull my hair out. It doesn't actually stop me from doing anything, it just pops up every time I do anything, eg: like, post, whatever, it pops up and I have to clear it before I can do the next thing. Windows Pro Ed 10.0, 19045; Firefox 116.0.3 64 bit; Kaspersky Total 21.3.10, updates every day. I did run a full scan on top of the automatic quick scan that runs every day, but it picks up nothing. Any help or ideas to get rid of this appreciated. TIA

This is just a REAL shame to broke user's PC like that , never seen this before !!!!!! the up^date of 23/08/2023 just broke my entire computer : no mouse, no keyboard ... and system in hibernate mode !!!!!!!!!!!!!!!!!! What can i do to recover my computer ??????? usb fix : just ...., 1 change and no keyboard or mouse ???? Is there skilled ingeneer at kasper lab ??? You just waste my time, and week end.

This is just a REAL shame to broke user's PC like that , never seen this before !!!!!! the up^date of 23/08/2023 just broke my entire computer : no mouse, no keyboard ... and system in hibernate mode !!!!!!!!!!!!!!!!!! What can i do to recover my computer ??????? usb fix : just shit, 1 change and no keyboard or mouse ???? Is there skilled ingeneer at kasper lab ??? You just waste my time, and week end. just a question , did i, or your customer, allow you to modify .sys file in order to put YOUR keyboard or mouse sniffer ????? That just WEIRD. in 30 year of carreer i never seen that sort of bullshit. really. A product aiming to protect you, and we paid fopr that, is just destroying your datas !!! what can i do ? just rescue KS 18 (linux in fact) cd is working !!! ?????????????????? in fact the REAL virus : is virus vendor themself. they create them, in order to survive !!! i the paid release of your malware !