Search the Community

Thanks Berny for quick answer I will collect asap , where to send it ?

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows) Description FDE precheck is a utility used for advanced Full Disk Encryption compatibility testing. It contains latest drivers which will be implemented in future KES releases. FDE precheck also collects diagnostic data used to fix compatibility issues. Inability to use laptop keyboard and\or touch-pad is one of the most frequently met issues. Using FDE precheck you can understand if compatibility issue was already fixed and will be included in next release or it should be addressed. You can download latest FDE precheck utility using following links: For KES 11 - https://support.kaspersky.com/14328 System requirements Single operating system should be installed on the test machine, FDE Precheck can't properly function on a host with multiple operating systems. Use administrative account to run the utility. Read before proceeding Decrypt the test host and remove Kaspersky Endpoint Security and AES module. Do a backup of the critical data on the test machine. Follow the test sequence exactly as stated below. Do not manually stop the execution of the utility. The system will automatically restart several times, it is an expected behavior. Plug in laptop. Do not run test on battery. Failure to comply with steps above may lead to unpredictable consequences. Test sequence Make sure machine decrypted does not have KES or AES module installed not running any KL drivers has no critical data plugged in Reboot. Copy and unpack fde_precheck.zip archive. Run elevated fde_precheck.exe (either by right-clicking and choosing Run as administrator or by starting it from an elevated command prompt). If the program will not find any incompatibilities the following message box will appear: Press Yes, to initiate installation of the encryption drivers and initiation of the test. Wait for the automatic reboot, then login using the administrative user as was done earlier. Press OK on the pop-up that will appear shortly after the reboot: Press Yes in the UAC window if it will appear shortly after. Wait for several minutes (up to 10-15 minutes) until next automatic reboot will occur. Do not initiate reboot manually! It will be done automatically. Manual reboot at this stage may result in corruption of the OS. All preparations are run in background, it is normal that there will be no indication of activity on the desktop. After automatic reboot you will see the preboot agent, and it will require human presence to complete those tests. If possible, record the whole process on a camera of smartphone. You will be asked to enter random keystrokes using the keyboard and mouse. In case of successful keystroke registration you will see something like that: Just follow the instructions that will appear on the screen and press "NEXT >" when done with each test. In case FDE Precheck Preboot agent will fail booting or will freeze at some point, please take photo of the error message, or record the whole process on a camera and reboot the machine if necessary. OS will boot either way. Login using the administrative account that was used earlier. At this point drivers will be removed in the background and host will be rebooted one last time automatically. Wait for several minutes (up to 10-15 minutes) until next automatic reboot will occur. Do not initiate reboot manually! It will be done automatically. Manual reboot at this stage may result in corruption of the OS. All preparations are run in background, it is normal that there will be no indication of activity on desktop. The following three files are always created. All three files are mandatory to provide for analysis. fde_precheck_report.txt fde_precheck.log (will be located in the folder with fde_precheck.exe) Description of what have happened during tests (with screenshots and video if possible).

thank you for the quick response but sorry i think i might have incorrectly descibed about the issue i can launch steam or epic games but it doesn't have an internet connection. it says it cant reach the servers but after disabling it it can. the website of steam do work fine just the app doesn't so it doesn't let me launch games either

Hi again, thanks for replying. I am searching in the actual vault (KPM app) not in the browser - (I know it sounds strange, it's really weird, presumably a bug). I have sync'd (it auto syncs but I checked also). I tried to take a screenshot to show you all is up to date but it seems that KPM cleverly prevents screenshots whilst open. You asked "iStorm cannot be found in the actual KPM vault application, on the computer", is that accurate please? " Yes, that is accurate. Autosave & autofill is ticked for 1. logins & password & 3. Bank cards (not 2. addresses). Thinking ahead, I thought you would recommend next that I reinstall this app on my PC so as I also use the iPhone and iPad KPM app every day I tried searching on that and it also doesn't appear there. The common denominator then is the website itself and the main thing I can think that's different to maybe all other sites is that it's mainly in Greek language (I have to use Google Chrome translate on the site). I did wonder whether it has saved in KPM in the Greek alphabet but when visiting the site the URL is in English as you can see from my screenshots. I did try translate and searching for 'καταιγίδα' in case but no luck. I have tried in KPM app scrolling down all entries to letter 'i' but there's nothing for istorm there. I am looking in 'all' and not 'favourites' It doesn't seem to appear in 'recents' but not all recent sites do (upon testing). Strangely when trying to log in on iPhone, tapping on the login name/email which displays the 'key' icon above the keyboard, on tapping the key which opens KPM app, it says 'no matching password' and 'show passwords' can't find it in search. Only the Chrome browser on PC recognises the website address and gives me the green KPM icon as per screenshots you've seen. I can't think of any other info to help identify this strange issue.

Good choice. Apparently senility is contagious. I'm 75, been using KAV since it came out. I was hoping the dementos fog wouldn't reach to Colorado, but apparently it's being flown in with H5N1 vectors. At any rate, I came here to find out why I have a California download available but not a US since, in the US, practically, California is not attached to anything. Didn't know about the dementia-elosi-lensky outbreak at the Department of Commerce. Explains the choices. Downloaded the Global and the California and they have different filenames and sizes, by 100k no less. Presumed the extra 100k was languages but it turns out California is the larger one. My normal paranoidity presumes so Google can embed privacy breaking products, but that's just me. I do note, that since Google is now embedded in the website and other platform downloads, I should grow curious as to whether the Department of Commerce feels it's powerful enough to instruct Google to not download Kaspersky products or provide information on it's webpages, or hcaptcha security checks and, thus, cut Google's profit margins. If Kaspersky lawyers were used to US current insanity they would ask Google to sue for interference with global and interstate commerce . Court battle would be quick since Google doesn't hesitate to bribe judges. Anyway, after the above stream-of-consciousness. Anyone know if it's possible to download KAV products for android, mac, linux, and windows off the Google platform and onto something like fDroid?

I kept using your product even after i realized you charge more to the people renewing the licenses than the new buyers (i guess you think old customers are there to be milked)... I kept using your product even after i realized your servers were still inside Ruzzia even after you announced you left that bog (it was already paid, the damage was done).... I kept using your product even after your "quick scan" was shutting down my pc, and so often that it even ended up roasting my SSD (sent all of the evidence i had to support, mostly circumstantial mind you, even with a video and they couldn't believe it was their fault). But the last straw was having my pc restart constantly and without warning, completely randomly, and just because enabling the VPN (no logs, no nothing, not even system dumps!, months and months troubleshooting, I only made the connection that the pc was crashing/hanging/restarting ONLY AFTER i enabled the VPN and not at a set time but randomly afterwards, even if it wasn't already running... uninstalled and the pc has not restarted ever again since, ¿what the hell else are you doing to my pc that i don't know of?). You had a good product, the competition probably is not as good as your product, but it is definitely good enough to make the jump and just leave these licenses unused. I am trying really hard not to express all the expletives i think you deserve, but you just are not worth my time anymore.

I could had a quick scan running on safe mode hard crash my system on demand, i even sent them the video. But sure, it is not destabilizing. And now my system is still not restarting randomly, i wonder why it is stable now.... So typing this was a massive waste of time. Thank you anyways. I bet Kaspersky is also grateful for your free service.

Hello Berny, In the past i tested this version you suggested me to download but i had some problems with onscreen keyboard, and the issue was i can't put some accents on some fields from my Home Banking! My last name as an accent and my user name needs this accent to work. I asked some help in the topic bellow. "My onscreen keyboard doesn't work on my bank site i can't fill the user and password using onscreen keyboard." And the conclusion was i had to get back to previous version Kaspersky security cloud free because there was no European version available at that time! That's the reason why i asked if you know something. Best regards. Hugop

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Problem Using EDR, you may encounter an issue where you're unable to view incident card regarding a detection in KSC Web Console. It looks like this: Here we will discuss known causes of such behavior (several products are involved, so causes may be different). Possible causes and solutions MDR In MDR, incidents are to be viewed using the dedicated MDR Console, and KSC version 13 and newer with configured MDR plug-in. KSC 12.* Web Console will not receive the data; this is expected behavior. KES+KEA If you first install KES without EA component, and then a standalone KEA package, KES EDRO integration will be disabled and killchain will not work. Here is a quick way to determine if KEA was installed as a component of KES. Open regedit, then navigate to: [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\protected\KES\Installer\features] "AntiAPTFeature" = "1" If the value is 0, proceed to the workaround to enable the component as described below. To fix this, we ran Change application components task on the host, enabling Endpoint Agent in KES. If KES/KEA integration is configured correctly, we can find the following in KES traces: 12:08:37.426 0x2a18 INF edr_etw Start processing detect = http://www.virusanalyst.com/eicar.zip//eicar/eicar.com, recordId = 6, taskId = 1128, result = 0 12:08:37.426 0x2a18 INF edr_etw Start processing actions = http://www.virusanalyst.com/eicar.zip//eicar/eicar.com, action = 4, recordId = 6, taskId = 1128, edrAction = 3489660999, result = 0 12:08:37.442 0x2a18 INF edr_etw Killchain is enabled! 12:08:37.442 0x2a18 INF edr_etw SystemWatcher is running! 12:08:37.442 0x2a18 INF edr_etw product::component::edr::`anonymous-namespace'::IsSystemWatcherDetect begin 12:08:37.442 0x2a18 INF edr_etw product::component::edr::`anonymous-namespace'::IsSystemWatcherDetect end 12:08:37.442 0x2a18 INF edr_etw product::component::edr::`anonymous-namespace'::InvestigateProcessIds begin 12:08:37.442 0x2a18 INF edr_etw product::component::edr::`anonymous-namespace'::InvestigateProcessIds end 12:08:37.442 0x2a18 INF edr_etw Finish processing detect = http://www.virusanalyst.com/eicar.zip//eicar/eicar.com threat status = 1, recordId = 6, taskId = 1128,result = 0 12:08:37.458 0x1f18 INF edr_etw Finish processing AV detect result = 0 Searching for ThreatID in KEA traces: 12:08:37.426 0x2a18 INF amfcd ThreatsProcessingEventsLogic::OnTreatActionImpl: ctx:0x23d68510 [TI 0x1b8dd490: id = 0x6, : tdid = {7F620459-6C51-9E46-9A5D-689A9B0D0098}, name = http://www.virusanalyst.com/eicar.zip//eicar/eicar.com, add info: <none>, 0x0] 0x4 0x0 KES+KEA (upgrade from KESB to EDR Optimum) EDR Optimum requires KSC 12.1 or newer to work. This includes the Network Agent, which is a part of KSC, and is generally installed on the host alongside KES. Using an outdated version of Network Agent (10.5, 11, etc.) will lead to the mentioned error when opening incident cards. If Network Agents were not upgraded along KSC, it's better upgrading them for EDR Optimum. KES 11.7+ Check that EDR Optimum feature is enabled in registry (GSI > Registry > HKLM_Software_Wow6432Node_KasperskyLab.reg.txt ). [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\protected\KES\Installer\features] EdrOptimumFeature = 1 If value is 0, run Change application components task on the host, enabling EDR Optimum in KES. Also in traces (*.SRV.log) you can search for sentence bundles::InstalledFeaturesProvider::InstalledFeaturesProvider and check that EDROptimumFeature is there, for instance in example below such component is missing KES.21.9.6.465_05.18_14.00_3952.SRV.log 11:00:36.897 0x26a0 INF bundles::InstalledFeaturesProvider::InstalledFeaturesProvider{ 3 (AVScannerAndCoreFeature) 28 (AdaptiveAnomaliesControlFeature) 0 (AdminKitConnectorFeature) 24 (AdvancedThreatProtectionFeature) 27 (AmsiFeature) 7 (ApplicationControlFeature) 17 (BehaviorDetectionFeature) 30 (CloudControlFeature) 4 (CriticalScanTask) 6 (DeviceControlFeature) 23 (EssentialThreatProtectionFeature) 11 (ExploitPreventionFeature) 8 (FileThreatProtectionFeature) 19 (FirewallFeature) 5 (FullScanTask) 2 (HostIntrusionPreventionFeature) 16 (MailThreatProtectionFeature) 14 (NetworkThreatProtectionFeature) 12 (RemediationEngineFeature) 25 (SecurityControlsFeature) 18 (UpdaterTask) 21 (WebControlFeature) 20 (WebThreatProtectionFeature) 22 (WholeProductFeature) } KSWS+KEA The same rule applies: KEA component needs to be installed in KSWS. KSWS does not have a "Change application components" task in KSC, so this has to be taken into account during KSWS deployment. Here is a quick way to determine if KEA was installed as a component of KSWS. Open regedit, then navigate to: [HKEY_LOCAL_MACHINE\Software\Wow6432Node\KasperskyLab\\WSEE\11.0\Install] "Features"="AntiCryptorNAS=0;AntiCryptor=0;AntiExploit=0;AppCtrl=0;AVProtection=0;DevCtrl=0;Fim=0;Firewall=0;ICAPProt=0;IDS=0;Ksn=0;LogInspector=0;Oas=0;Ods=0;RamDisk=0;RPCProt=0;ScriptChecker=0;Soyuz=0;WebGW=0" (Soyuz needs to be set to 1) If Soyuz is set to 0, apply workaround to enable it. KSWS allows to change its components locally or via cli. Here is the example of how to set Soyuz=1 when KEA was installed not as a component of KSWS: 1. Locate ks4ws_x64.msi or ks4ws.msi (depends on OS architecture) 2. Create custom installation package based on ks4ws_x64.msi or ks4ws.msi from p.1 with parameters as per screenshot (add UNLOCK_PASSWORD= if KSWS is protected by password in policy) 3. Deploy package on problematic servers with KSWS and KEA, then check registry that Soyuz=1 4. Check host's properties at KSC side - EDRO should be in Running state in KEA If KSWS/KEA integration is configured correctly, we can find the following in KSWS traces: 19:57:04.577 7a8 1310 info [edr] Published ThreadDetected: VerdictName : HEUR:Win32.Generic.Suspicious.Access RecordId : 0 DatabaseTime : 18446744073709551615 ThreatId : {ffb58079-6d8d-4a62-8ab0-021ff4ed61c5} IsSilent : false Technology : 3489661023 ProcessingMode : 3489660948 ObjectType : 3489660934 ObjectName : C:\Windows\System32\wbem\WmiPrvSE.exe Md5 : e1bce838cd2695999ab34215bf94b501 Sha256 : 1d7b11c9deddad4f77e5b7f01dddda04f3747e512e0aa23d39e4226854d26ca2 UniquepProcessId: 0xf7c807730e051a0d NativePid : 3360 CommandLine : AmsiScanType : AmsiScanBlob : FileCreationTime: 1601-01-06T23:09:56.075520800Z Searching for ThreatID in KEA traces: 19:57:05.583 704 9b0 debug [bl] ThreatsHandler: detect v2 verdictName: HEUR:Win32.Generic.Suspicious.Access detectTechnology: 0xd000005f processingMode: 0xd0000014 objectType: 0xd0000006 objectName: C:\Windows\System32\wbem\WmiPrvSE.exe nativePid: 3360 uniquePid: 17854528913448180237 nativePidTelemetry: 3360 uniquePidTelemetry: 17854528913448180237 downloaderUniqueFileId: <none> downloadUrl: <none> isSilentDetect: false threatId: ffb58079-6d8d-4a62-8ab0-021ff4ed61c5 19:57:05.583 704 650 info [evtstt] NetworkConnectionHandler statistics: queueSize=0, received=59675, processed=59675, dropped=0, queueBytes=191 19:57:05.583 704 650 info [evtstt] NetworkConnectionHandler statistics: queueSize=0, received=59676, processed=59676, dropped=0, queueBytes=132 19:57:05.583 704 650 info [evtstt] NetworkConnectionHandler statistics: queueSize=0, received=59677, processed=59677, dropped=0, queueBytes=371 19:57:05.583 704 9b0 debug [bl] Threats Handler: event processed, id = 2 19:57:05.584 704 1fc debug [killchain] Message discarded: name = ThreatDetect The verdict is Message discarded, this means the detection won't trigger killchain generation. No such entries can be found in traces, which might mean that EPP integration is not configured correctly (EDR component is disabled in KSWS). Check killchain presence on the host If all pre-requisites are met, it's worth checking if killchain files are actually created on the host. To check that, run cmd.exe as Administrator and check the c:\ProgramData\Kaspersky Lab\Endpoint Agent\4.0\Data\killchain\detects folder contents. Archives with <threat_id>.zip names should be present in the folder: C:\WINDOWS\system32>dir "c:\ProgramData\Kaspersky Lab\Endpoint Agent\4.0\Data\killchain\detects" Volume in drive C has no label. Volume Serial Number is 8010-ADC0 Directory of c:\ProgramData\Kaspersky Lab\Endpoint Agent\4.0\Data\killchain\detects 08/16/2021 12:20 PM <DIR> . 08/16/2021 12:20 PM <DIR> .. 08/16/2021 09:34 AM 636 0349c190-4ac3-4da4-9b64-07835298660f.zip //this is an archive with killchain info 08/16/2021 12:18 PM 696 1d306aa7-f37f-4ab2-969e-d337d398a995.zip 08/16/2021 09:34 AM 637 23a5dc93-5776-43c8-b949-79c102aa1184.zip 08/16/2021 12:19 PM 691 27bc9ea3-200b-49d2-b8b0-df7954cd428a.zip 08/16/2021 12:19 PM 683 40673c70-9e8e-420f-b5ce-65b406862b94.zip 08/16/2021 12:19 PM 688 590b6e30-4509-4b25-bdb0-062f89b7e062.zip 08/16/2021 12:20 PM 693 67993612-dc82-45a2-9e5b-74756adc46eb.zip 08/16/2021 12:20 PM 685 6a892bd1-f452-42d0-80b0-cb953cd7fc26.zip 08/16/2021 12:19 PM 686 a63fbafa-fcef-46f7-935f-42be4392a172.zip 08/16/2021 12:19 PM 699 d9d4f5eb-42b2-4460-8f8a-eb63bbef8791.zip 08/16/2021 12:19 PM 686 f6042624-9840-4a6e-9b30-9270cce22236.zip 11 File(s) 7,480 bytes 2 Dir(s) 240,763,092,992 bytes free

Is there any update on the "MR17" update? I certainly have many, many large files on the filesystems being scanned if that's the case. I've been experiencing this issue for what feels like a year or more now. Exact same symptoms as commonly reported over the last year or two. Full scan will always cause an application crash however, even when manual. System idle for many days will eventually cause a crash. Sometimes application can recover, other times application will fail to launch due to what appears to be the Kaspersky windows service locking up and cannot be restarted or stopped due to security and requires a reboot. I'm not totally comfortable submitting traces and have been watching from the sidelines.

Thanks for that quick response. We've done a second scan and the summary lines of the report is attached. It looks like the dll is now gone.

@harlan4096, I remain confused. ?‍♂️ Please confirm or correct my interpretation of the Forum Guidelines, which state that posting live links is permitted, provided that they are not to a site or product in competition with K products. I don't profess to know what enhanced rights Moderators have, but my interpretation of the Forum Guidelines is that, as a Member, I could have posted a live link to AdwCleaner in your topic, assuming it was relevant to solving the member's problem . . . ? I also do not see any prohibition in the Forum Guidelines to members posting live links to other posts in these Forums . . . Just to give you some background, I got a warning PM from @Alexandru_BD, the Forum Administrator, of my previous antivirus solution Forums. It was one of the straws that broke this camel's back. I posted there just what you had posted here to assist one of their users. I am trying to seek clarity. I have no wish to be cautioned or banned. My online reputation is very important to me. I need to understand the rules here. Your response did not shed much light for me. Perhaps I am not as quick as I used to be . . . It would be wonderful if you could explicitly spell out the Forum Moderating and Admin Team's expectations. I did receive some good advice from @Flood and Flood's wife, in one of my early posts here, that it would be wise for me to be very cautious until I learned the dynamics of these Forums. I have been a member of enough Forums for long enough to know that there are always "Forum politics," as I term it. I have no interest in that. So, following that sage advice, I seek only clarity to avoid being cautioned or banned. Signing off now for the day. Have a great day. Regards, Phil

Hello all, Thank you for looking; I appreciate your time! KIS version 21.3.10.391 Win 10 Home x64 Build 19045 KIS has begun briefly crashing and restarting within seconds, both passively and especially during full scans. The crashes during scans happen at different points in the scan i.e. not at the same % completion / block of files being scanned. I can still complete quick scans, and background scans complete successfully. At first I could start a new full scan and it would complete most of the time; now it crashes at every full scan. When KIS crashes, I get a notification (as expected) from Windows Defender that I should turn on Virus Protection. There have been no significant changes to my OS environment other than Win and KIS updates. I have not installed any other programmes recently. I am not running any other AVP.

Ok...seems like is only affecting 'quick/full scans'. Ran another 'selective scan' or path file and it did save on report page.

Reinstall your keyboard driver - If any.. If your keyboard driver has developed a fault, your keyboard may stop working. To fix it: 1) Right-click the Start button, then click Device Manager. 2) Expand Keyboards then right-click Standard PS/2 Keyboard and click Uninstall. 3) When prompted to confirm, click OK. 4) Restart your computer after the uninstall. If the problem persists, it’s likely that your driver is outdated, rather than fault Also, check with your USB connection. Regards, J Wick

Been using kaspersky total for a while along with the kaspersky protection extension on chrome. But notice i get lag a lot on youtube via chrome and sometimes web browsing lags a lot. Thing is first time i had tons of issues with kaspersky total settings where i had to change a few such as turning off that on on screen keyboard and that annoying message of would you like to use a protected safe browser or something like that when on amazon or best buy... thus i know it was to protect you but i didn't want that. Also recall my keyboard... didn't work several times ... use a laptop with external keyboard ... and then i remember i did some change in the settings to get rid of it. Anyone know what exact setting that is? i want to turn off kaspersky total temporary and possibly remove kaspersky protection extension on chrome... and i just use the free windows defender in windows and possibly ublock origin to see... if it is indeed kaspersky total causing all these lag issues on chrome and on my computer as well. Was told i could disable kaspersky total temporarily... but even if i do that... it still shows two programs kaspersky anti virus and kaspersky lab launcher... both 32 bit. Thing is i have windows ten pro 64 bit so shouldn't that be also 64 bit? Also would i need to turn off both background processes to see if its indeed kaspersky total that is causing chrome to lag and also my laptop? Read somewhere you have to turn off both kaspersky programs at startup and restart it? if so, how to do that and is it necessary? But would it be better idea to just uninstall kaspersky total and the kaspersky protection extension on chrome and just use windows defender and ublock origin on chrome and see... if kaspersky total is the culprit for all these chrome lag issues? But if i were to then reinstall kaspersky it will have all the original settings right after installing it again? Then i would need to go to the settings and manually change all of it to the way it is now? So should i go to every setting on kaspersky total and take a screenshot of every single settings there is... then when i install it again... i just look at all the pictures to make sure its the exact same settings? My concern is when i install it again, the keyboard might not work and i have to make sure i find the setting that fixes this? Thoughts on what i should do here? Because even if i temporarily disable kaspersky total... well the program is stlll on my laptop... so its not the same as uninstalling it completely right? Also should background scan settings be always off? Always have that on. But that need to be on to give you real time protection or not?

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Description and cautions This article describes how to configure dump for capturing memory dumps, including application memory. To create a memory dump of a virtual machine: HOWTO: Get a memory dump of a virtual machine from its hypervisor. Details The recommended text editor is nano, below is a quick tutorial on how to use it if you are using it for the first time. Quick description of nano's basic functions Configure kdump Altlinux There is no kdump-tools package in the default repository, so it has to be downloaded from the sisyphus repository: Go to https://packages.altlinux.org/en/sisyphus/srpms/kdump-tools/ In List of rpms provided by this srpm select the kdump-tools package for the required architecture (can be checked by running uname -m) Download the package from the Download link Install it by running apt-get update && apt-get install <path to the downloaded rpm> After that, follow the Debian instruction from Edit /etc/default/kdump-tools step Red Hat based distributions (tested on Fedora 38, Rocky Linux 9, Red OS) Install kexec-tools sudo dnf install kexec-tools Edit /etc/kdump.conf. In the configuration file edit the core_collector setting: option -d should be set to 17 instead of 31 Edit /etc/default/grub. Edit GRUB_CMDLINE_LINUX, add crashkernel=256M to reserve enough RAM for the dump kernel to run, and nmi_watchdog=1, to capture a dump in case of a system hang Run sudo grub2-mkconfig -o /boot/grub2/grub.cfg Reboot Enable kdump service sudo systemctl enable --now kdump.service Debian based distributions (tested on Debian, Astra CE, Alt Linux) Install kdump-tools sudo apt update && sudo apt install kdump-tools -y Edit /etc/default/kdump-tools. In the configuration file edit the MAKEDUMP_ARGS variable: option -d should be set to 17 instead of 31 Configure the bootloader In /etc/default/grub edit GRUB_CMDLINE_LINUX_DEFAULT, add nmi_watchdog=1 to capture a dump in case of a system hang In /etc/default/grub.d/kdump-tools.cfg change crashkernel value to 384M-:256M (default is 384M-:128M) Expected result: GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT crashkernel=384M-:256M" Save and run sudo update-grub SUSE Linux Install kdump sudo zypper in kdump kexec-tools Edit /etc/sysconfig/kdump Change KDUMP_DUMPLEVEL variable to 17 Edit /etc/default/grub Edit GRUB_CMDLINE_LINUX_DEFAULT, add crashkernel=256M to reserve enough RAM for the dump kernel to run, and nmi_watchdog=1, to capture a dump in case of a system hang Update the bootloader configuration sudo grub2-mkconfig -o /boot/grub2/grub.cfg Reboot Enable kdump service sudo systemctl enable --now kdump.service Configure SysRq dump trigger To enable SysRq trigger, these key combinations 'kernel.sysrq = 8'(without quotes) has to be added to /etc/sysctl.conf. In SUSE the value of kernel.sysrq has to be changed in /usr/lib/sysctl.d/50-default.conf instead of /etc/sysctl.conf Reboot or run sudo sysctl --system After the set up above is complete, to manually trigger a dump press Alt+SysRq, Alt+C. Alternatively: echo 8 | sudo tee /proc/sys/kernel/sysrq (Command above is only needed if kernel.sysrq is not set in /etc/sysctl.conf) echo c | sudo tee /proc/sysrq-trigger Location of the dump files may vary between different Linux versions, it is configurable in the kdump configuration file. In Debian based distributions it is set by KDUMP_COREDIR variable. In Red Hat based distributions it is set by the path setting, generally the default location is /var/crash. Make sure that the dump folder has enough free space for the dump to be written. You may search by filemask: vmcore.

This is just a REAL shame to broke user's PC like that , never seen this before !!!!!! the up^date of 23/08/2023 just broke my entire computer : no mouse, no keyboard ... and system in hibernate mode !!!!!!!!!!!!!!!!!! What can i do to recover my computer ??????? usb fix : just ...., 1 change and no keyboard or mouse ???? Is there skilled ingeneer at kasper lab ??? You just waste my time, and week end.

It looks good? the max protection is that you type in a password input box via K‘s virtual keyboard in safe-money protected broswer. the password input box should be automaticly indentified by K and you will be suggested to use the virtual keyboard. a small lock icon will be displayed beside the input box.

Dear Sir, Thank you very much for your quick respose. I couldn't find this particular page - yashasviworld . com/products?id=7&data_from=brand&page=1 as mentioned in your reply. Can you please confirm whether this script is in database or in Webpage.

Also @emrerencber, Check / reset: Keyboard shortcuts? Check: Keyboard shortcuts in apps? Check: Windows keyboard shortcuts for accessibility? Re "I can't navigate the program interface with Tab and Shift Tab keys, I can't hear Kaspersky's system tray settings"; we're not convinced the root cause is Kaspersky?

Hello @cesarD, Thank you for posting back & the information! IF (you) are taking screenprints with the Safe Money browser open & pressing the Print-Screen Key on the Keyboard - according to the experts from HQ this is working exactly as per design = it's working properly in all elements, however, IF (you're) using a *print-screen* function from a third-party application & the Safe Money browser & the images shows an image(s), i.e., the screen is not black - according to the HQ experts - this is *not* working as designed. This information is also documented for v21.3, v21.6, v21.7 etc, etc.... Thank you? Flood?+?

Hello @cesarD & @nexon, We've discussed this issue in a logged case - in the past with HQ: SafeMoney & PrintScreen do work & SafeMoney, On-Screen Keyboard & PrintScreen also do work, i.e. screen-prints are not *black*. HQ experts advised: "software-based screen capture activities are blocked. The ability to take a screenshot is only possible by physically pressing the "PrtScr" key when it is needed by the user at the computer." @cesarD, we agree with @nexon, IF Kaspersky Standand is available in (your) region, it's advisable to upgrade. The software is available to download from this link: https://www.kaspersky.com/downloads#update-product. Kaspersky has replaced KIS & with Kaspersky Standard, there's no information available atm as to when KIS will be withdrawn; information about the *new* software range can be read here: Kaspersky: Basic, Standard, Plus, Premium - info & FAQ, by Danila T. Any questions or issues, please post back? Thank you? Flood?+?

Thanks , yeah sorry for being paranoid . I finally managed to launch the KasperSky Plus . Only because i launched the VPN on my windows machine . It's a very cool software indeed ! I still sent a request for refund to customer support since i can't always rely on vpn , i hope they can understand my paranoid and weird words . Anyways i have a small problem now , I am trying to connect to offsec 's website using Kali linux 's virtual machine , but the vpn keeps failling (Openvpn) . However the vpn on my windows machine works perfectly fine , Any idea if kaspersky implements any kind of protections against the traffic coming out from Kali or the virtual machine itself ?? Thanks

I noticed my computer has been very very slow and every now and again i get messages from kaspersky saying "previous application launch failed" i have optimized my computer and run a full scan on my computer the other day and nothing comes up as wrong, also when i try to play Fortnite the game lags incredibly bad, it is when i sign out of that game do i usually see the "previous application launch failed".