Search the Community

Hello @Tom Wong, Welcome! Read before you create a new topic! Unfortunately, Kaspersky’s On-screen/virtual keyboard cannot be disabled, there’s no option available in the software to disable the OSKB. According to Kaspersky experts, Kaspersky technical support agent & Kaspersky technical support Supervisor, this is as per by design. If when (you) open Kaspersky’s On-screen/virtual keyboard, the laptop/PC physical keyboard is disabled for input, please log a case with Kaspersky Technical Support, fill in the Application malfunction, Other template; support may request Logs, Traces & other data, they will guide you: After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will be in touch, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in their MyKaspersky account.➡ Please share the outcome with the Community when it’s available? Thank you🙏 Flood🐳+🐋 Resources: About On-Screen Keyboard On-Screen Keyboard About protection of personal data on the Internet

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Prerequisetes: Supported vSphere by Kaspersky Agentless solution Usage of NSX version 3.2+ Deployed Kaspersky Agentless 6.1 Antivirus or/and Network Attack Blocker Appliance Problem Anew registration and Kaspersky Agentless 6.1 Antivirus or/and Network Attack Blocker Appliance deployment completes successfully. By attempt to create Service Profile for Kaspersky Agentless 6.1 Antivirus or/and Network Attack Blocker fails with error AntiVirus and Network Attack service registration might fail with the error "Service Definition id <ID> <Kaspersky Component> not found in MP Root cause NSX-T does not delete service references of Kaspersky Agentless 6.1 Antivirus or/and Network Attack Blocker Appliance Solution Through terminal like putty you need access to NSX-T appliacnce and launch the command curl -kG https://admin:<PASSWORD>@<nsx-t address>/policy/api/v1/infra/service-references The path value should be remembered for Kaspersky File Antimalware Protection and for Kaspersky Network Protection Delete service reference by path value by launching the command curl -kX DELETE https://admin:<PASSWORD>@<nsx-t address>/policy/api/v1/<value of path> After it delete previously created profile service for Kaspersky Agentless 6.1 Antivirus or/and Network Attack Blocker and create it anew

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. To achieve this goal for Kaspersky Agentless 6.1 solution you should: Shutdown Kaspersky Agentless Appliance Disable the option "Сonfigure/vApp Options/edit/OVF Details/OVF environment transport/ISO image" for Kaspersky Agentless Appliance Launch Kaspersky Agentless Appliance

Block the launch of the file? If you only use the basic functionality, you must have the application control component enabled. However, you will need to get SHA256 since MD5 was used by older versions. 0. Get SHA256 1. create a category to control such files. I skipped some of the steps, it's mostly just Next, Next, Ok. 2. Create a rule to prohibit application startup in the policy for KES, select the group we created 3. Test PS: in principle it is not necessary to use external tools ...if there is a sample file all data can be obtained directly from it when creating a category and use the parameters that suit you best.

Thank you my friend, for being quick to respond. I'm glad there were people who asked about this subject. Well, the Kaspersky team could do this without customers having to hide it. but that's ok, thank you. 😀

Danke Schulte, werde es beobachten, ab wann die Meldung wieder kommt. Kann etwas dauern, bin nicht täglich am Rechner. Mein letzter download war von der Seite ITSG, einem Sozialversicherungsmeldeportal der deutschen Sozialversicherung. Melde mich, sobald der "quick driver updater" wieder auftaucht.

Hello @tniou, Welcome! Thank you for your contribution👏 Agreed, there has been a lot of complaints about Secure Keyboard input is enabled popup, because, it’s a PIA😡! We think there’s an easy fix for this, similar to Kaspersky’s Protected browser, for any field where the Secure Keyboard input is enabled popup (apart from the fact the tiny keyboard icon is already present in the righthand side of all such fields, nothing like overkill Kaspersky!!); all they have to do is use a green border on all Secure Keyboard input is enabled protected fields → it’s not 🚀 science Kaspersky🙄 Thank you🙏 Flood🐳+🐋

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Security administrator can create KSWS Application Control rules based on Digital Certificate. What does product actually checks and how it is related to the file itself? First of all, product checks whether the file matches certificate. Secondly, whether certificate is valid. If any of verifications fail - launch of the file will be denied. And vice versa. If signed file which execution was allowed by certificate has been modified, will execution of the file be allowed? Altering the file signed by the certificate will cause its certificate to no longer confirm the integrity of this file. As a result "Allowing" rule will no longer be applied to the file. How the control of the revoked certificates operates, if such a control exist? Certificates revocation in the operation system is implemented through OS updates. When a certificate becomes revoked, it can no longer pass validation checks. Thus file execution will be blocked. When both the subject of the certificate and its thumbprint verifications are selected, then product checks that the file is signed by an exact "version" of certificate. In other words, it will not be enough to make a self-signed certificate with the Subject field equal to "Redmont, Microsoft" - such a certificate does not coincide with the real thumbprint of Microsoft.

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. While removing Kaspersky Security for Windows Server Console removal log may contain a message: Error 1336. There was an error creating a temporary file that is needed to complete this installation. Folder: C:\Program Files (x86)\Common Files\Kaspersky Lab\Kaspersky Security for Windows Server\. System error code: 5 And if you launch removal process using an appwiz.cpl a popup will be displayed stating : “There was an error creating a temporary file that is needed to completed this installation” This may happen because KES is installed in the system, so far the workaround is the following: Disable self-defense in KES and perform removal one more time.

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Problem Sometimes Anti-Cryptor task in KESL won't be able to launch after the OS is started. This may happen because Anti-Cryptor needs all the protected network resources to be up before KESL service is started. In other words, Samba or NFS services should be started before KESL service. Solution To resolve this problem you need to make sure that services start in the correct order. For Systemd systems: 1. Create a file /etc/systemd/system/kesl.service.d/override.conf # touch /etc/systemd/system/kesl.service.d/override.conf 2. Add the following to /etc/systemd/system/kesl.service.d/override.conf: [Unit] After=nfs-server.service smb.service [Service] TimeoutSec=300 3. Reload services # systemctl daemon-reload For Sys V init systems: Rename Samba and NFS init files to make those services start earlier. E.g. # mv /etc/rc3.d/<smb_init_file> /etc/rc3.d/S49smb # mv /etc/rc3.d/<nfs_init_file> /etc/rc3.d/S49<nfs_init_file> Where <smb_init_file> and <nfs_init_file> stand for current init files present in the system. NFS init file may have different name depending on your environment - nfs, nfs3 or nfs-server.

Windows Defender has an early launch module that allows it to start pretty much before the OS does - but with Kaspersky I’ve noticed it takes 1 or 2 seconds after I reach the desktop for the app to show up in the tray. Is that just the app starting late, or the protection modules as well? Do Kaspersky protection modules start early like Defender’s? If the modules start with the app then that’s… not great. Isn’t that a security risk? Malware could start before the AV, disabling its self-defense.

https://learn.microsoft.com/en-us/windows-hardware/drivers/install/early-launch-antimalware

I've been experiencing this problem on Win7 x64 SP1 for a few weeks and I just discovered that it's caused by KIS 21.3.10.391 Every time I reboot, 5-10 secs after desktop appears, Windows becomes dead for 40 seconds. It does not respond to any keyboard or mouse commands. I can still move the mouse around and see taskbar respond to mouse position but none of the apps work. During that ~40 seconds of sleep, it takes all the commands in buffer though. For ex; I run Windows File Explorer during the first 5-10 seconds of startup while it's still responsive. Then it goes dead... I try to drag-move the File Explorer window and it does nothing... After 40 secs passes, it moves the window. (this is not due to slow HDD or swap file etc...it's running on SSDs, and it used to be very fast and responsive a few weeks ago). This buffering also works for keyboard entries too.. Somehow KIS pauses the system for 40 secs on every boot after desktop appears. It does not happen when i PAUSE the protection. Any ideas to fix this?

Os Version : Windows 11 22621.2283 Application version : 21.3.10.391 Good morning, For 2 days my Kaspersky total security has been in complete disarray. It starts by having the Kaspersky icon which begins to multiply in the notification bar between 3 to 5 times, then when I hover my mouse over it it all disappears. From this moment on, I have no access to internet surfing or the ability to open the Kaspersky interface. When I try to launch it the icon appears gray and the service does not start. I restarted the PC several times, the problem ended up reappearing quite quickly. I reinstalled kaserperky twice, 1 time while keeping my configuration parameters 1 time with nothing saved I tried to analyze in the Windows logs if I can see the causes of the application shutdown or the causes of its multiple launches but without success. Do you have any idea of the problem or a solution to enable more verbosity in logs so that we can carry out an analysis of this please? Thanks in advance

Hello @Joefram80, Thank you for posting back, the extra questions & confirming the software version installed? Background scan/rootkits can be searched for manually via the Windows command prompt: "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe" start scan_qscan - when (you) start the cmd.exe, run it with administrator privileges = rightclick the cmd.exe & select Run as administrator, then enter the command to run the scan & allow the process to complete. The Background scan runs automatically once a day and after a computer restart. Also the Background scan runs as a part of Full Scan & or Quick Scan, so if (you) have executed a Full Scan, there's no need to run an additional Background scan - all of this is true unless there's a problem or the Background scan has been turned OFF. Other ways to find the version: On the Windows Taskbar or hidden icons, rightclick the Kaspersky icon, select About? Open the Kaspersky app, in the lower-left-hand-corner, select the Headset? icon, this opens the Support page which shows the (Kaspersky) application version on the fourth line from the top? In Kaspersky Scan Reports, all Scans are logged (we filtered ours to one week, just to show an example) The Kaspersky Background scan documentation states: A background scan is started in the following cases: After the anti-virus databases are updated. Thirty minutes after Kaspersky Total Security launch. Every six hours. If the computer remains idle for five or more minutes (after the screen saver is started). A background scan is interrupted when any of the following conditions is met: The computer becomes active again. If an Idle Scan has not been performed for more than ten days, then the scan will not be interrupted and allowed to finish. The computer (laptop) switches to battery mode. When running a background scan, Kaspersky Total Security does not scan files whose contents are located in OneDrive cloud storage. IF there's any issues or (you) have any concerns, please post back? Thank you? Flood?+?

Hi i recently installed kaspersky security cloud i have some cuestions 1.- The licence is perpetual or only for 1 year or 5 years. 2.- Tweaks for perfomance whitout risk security. 3.- Tweaks for maximum security. 4.- Have anipishing protectio i dont see the brwoser plug in 5. Why the full scan is too quick in nvm2 runs in less than one hour and other products delaay 3 hours. 6.- Have any advantage than defender really?

I tried to figure out why. But I found nothing in the "Event Viewer", "Security and Maintenance" and minidump folder. I checked the digital signatures for every driver before installing. The driver installation packages were scanned by Microsoft Defender before KIS was installed. All drivers, including the firmware are up-to-date. I thought it were a hardware problem, but that couldn't explain why I can still start Windows after shutting down ELAM. I thought it were caused by corrupted system file, but after executing dism /online /cleanup-image /scanhealth dism /online /cleanup-image /restorehealth sfc /scannow no integrity variation was found. I thought it were caused by virus, but I ran a quick scan just before the failed reboot. Those are what I did and saw before updating KIS. ELAM stage is a very early boot stage. It's like when a baby having just learnt to say mummy. To debug the OS may find the cause, but it's beyond my time, energy and ability. If the bsod were caused by KIS, the most possible "solution" would still be to update it. If it were caused by some damn driver, then updating KIS would have no help.

I read online that Disabling Enable Secure Keyboard Input would fix this issue? Also that kaspersky web protected browser. I have it turned on for a few banking sites. What I notice is when I have it on, my mouse lags a lot when moving it around my screen. Is this normal? I use this laptop with an external monitor and notice many times I can’t even move the mouse to the other monitor and I have it on EXTEND. But if I turn this off, is that fine? So would disabling both of these things be fine? Or would it jeopardize the internet security of kaspersky? Because I can’t even type on the address bar because of this no matter with the laptop keyboard, external keyboard or even the windows or kaspersky on screen keyboard.

Hello @i_salazar, Welcome! As a test, with (our) KTS set at Default settings, we ran two Quick scans, one after the other, the KTS Scan report images shows the result; noting, we made no changes between running the two scans . Quick Scan. Scans objects that are loaded when the operating system starts as well as system memory, boot files & temporary Internet files . This scan does not require a lot of time to complete → Some of these are dynamic, e.g. temporary Internet files, i.e. change all the time. Do not be concerned, if the scan result is clean the system is fine. Best practice tips: After installing KTS: Run a manual Database update. Shutdown, power OFF system using Shutdown, not Restart, power on., login. Make sure KTS is running. Check version & patch(x) x = letter - on the Windows Taskbar, or hidden icons, rightclick the Kaspersky icon, select About ? (Always try to have the software on the latest available patch). Check & make sure all Windows updates have a Successfully applied status. Run a Full scan, allow it to complete - do not use the computer while it's running - this is a one time scan - unless, at a later date there's a virus or malware attack that requires a full scan. After the Full scan completes, and assuming no detections, go to Quick scan, if you wish you may run a Quick scan or simply change the following setting: Scan optimization, Scan only new and changed files. We also suggest changing the same setting in the Full scan, but, only after, running the very first Full scan. Enable KSN. (ioo) After the *first* full scan, only run a full scan if a *situation* requires it. Run a Quick scan monthly. Keep KSN running always. 💥Important icons in the Scan Window: Top righthand corner: ? opens Help documentation specific to Scanning the computer, || ? = Help documentation, in all Kaspersky software. Gear⚙ icon: opens Settings Report📄 icon: opens Reports. Reports window: top right hand corner, SAVE function, can save any report as a text file (always a big help if submitting a topic here in the Community) Left hand side column, lists 16 KTS Reports, column can be collapsed. Middle section: Filter by date. Filter by value in any cell. Search by event record text. Sort the list by each report column. Change the order and arrangement of columns that are displayed in the report. Middle section, IF screen printing, & (you) wish to hide sensitive info, rightclick the column heading, uncheck the column that needs to be hidden. Report event importance levels are used in reports: Informational events that generally do not contain important information. Warnings. Events that you need to pay attention to, since they contain information about important situations that KTS encounters when running. Critical events. Critically important events that indicate that KTS has encountered problems affecting its ability to run or vulnerabilities affecting the protection level of the user's computer. Any questions, please post back? Thank you🙏 Flood🐳+🐋

Thank you for your quick feedback. I will get back to you after trying the solutions.

I am trying to discover computers based on IP subnets. The administration server did not have active directory, are workgroup. I can't discover all the vlans knowing that I can't find network resctriction I have launched the ping in both directions (kaspersky & the client) it works perfectly I can launch the installation manually or with the klshare but not with the server automatically because I can't find the devices when I launch the network discovery from the kasperscy security center I have not found a solution I need help Ps: the kaspersky server (windows server 2012R2) and the other workstations (windows 7,10): they are workgroup

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. You can set and run PLC Project Integrity Check task in KICS4Nodes console. But it is not clear how to add PLC projects into the task settings in the KSC Console. Before PLC Project Integrity Check task setting the PLC Project Investigation task should be successfully executed. Step-by-step guide Go to the KICS4Nodes policy -> Properties -> Logs and Notifications -> Interaction with Administration Server | Settings. Enable Versions of PLC projects option (disabled by default). Lock the padlock. Save and apply the policy. (Data of investigated PLC projects will be transferred to the KCS as Network lists). Go to the Properties of the target host, which will have PLC project checker role. Go to Tasks section-> Select "PLC Project Integrity Check" task -> Properties -> Settings section Click the ADD button -> You will see the list of PLC projects, which were collected by the PLC Project Investigation task. Check the projects that you want to check. Add them to the list. Enable checkbox of the PLC configurations. Apply task properties. Run the task. PLC Project Integrity Check task does not start automatically after the application reboot. You should set the schedule in the task properties. We recommend to run task by schedule at the application launch.

Hello @booger, You’re most welcome! (ioo) the tiny Quick launch keyboard icon is fine, the Secure Keyboard Input is enabled popup it generates serves no purpose at all, (ioo & that of many others,) it’s something Kaspersky “should” fix, if they’d only listen to their subscriber feedback! Need to replicate & research, we’ll get back to you. Are KVPN & Kaspersky Security Data Escort Adapter both uninstalled - see images, let us know so we can again replicate & research? When the “desktop app continually tries to install the VPN” is there an alert that you can screenprint & post for us please? Thank you🙏 Flood🐳+🐋

Guilhermesene, thanks for your reply. Very quick question is that the memory integrity box you suggest I uncheck is already unchecked ie showing as off. Whether the upgrade has changed this or whether this has always been the case I don`t know. Do you think checking or turning it on may help or should I give it a try? Thanks a lot.

Hello @ColinQ, Welcome! How to enable protection using hardware virtualization: Open the main application window. Click the Settings ⚙️icon in the lower part of the main window >>the Settings window opens. Go to Security → Secure Data Input. Select the Use hardware virtualization if available check box. This check box is displayed when the application is installed on a 64-bit version of Windows 8, Windows 8.1 and Windows 10. Select the Use advanced features of hardware virtualization check box if you want to turn hardware virtualization on when the operating system starts. ?If hardware virtualization is disabled on your computer, protection using hardware virtualization will be disabled. For On Screen Keyboard, go to the Privacy settings section → Secure Data Input settings → Secure Keyboard Input block, Moderator @Berny has posted an image in his reply above & help documentation: How to configure the display of the On-Screen Keyboard icon. IF you get stuck, post back!! Thank you? Flood?+?