Search the Community

I got my new Samsung s24 today, transferred all my apps, everything is going great and i can even login into Kaspersky. But then it asks me to login again to use the password manager and it says that my main password is incorrect, but it isn't. I've tried deleting the app on my phone and reinstalling but nothing seems to work, i've been looking online for a solution but don't really see anything helpful. I also checked on Kaspersky's site, there is a section where it asks me to enter my main password and what i'm entering there is accepted but it's not "correct" when i try on the app so i'm at a loss. Am i missing something obvious? Edit: Yes, i did miss something obvious. The keyboard layout is slightly different so i was typing the password incorrectly by a single character, don't mind me i'm smart.

More detailed scenario: I don't want anyone to have permission to run any EXE files from the D:\Download folder and its subfolders. Otherwise, they can copy, cut, create, delete freely. This is my real goal! In the absence of an execute permission, I denied all read permission on the folder, regardless of the level of trust. This certainly blocks execution, and doesn't interfere with copying files. It only bothers me that the rule actually applies every time someone accesses the file list of the folder in question. My ultimate goal is to restrict the execution of any executable (exe, msi, bat, ps1, com) on the entire D disk. And only allow it to run on a certain folder on disk D. But I consider that the launch of the event by simply listing the files in a folder is so bulky, I think that by putting the whole disk, it could be chaos, perhaps a high consumption of CPU and RAM resources. An anticipatory speculation on my part.

I have downloaded some keyboard/screen logging software on the CN download website for testing. Most of them can be identified as activity monitoring software or malware, but some of them cannot be blocked. For example, Slient Key Logger is a software without digital signatures. The latest version, V1.40, recognizes "activity monitoring software," but older version, V1.33.5, KIS doesn't block it. Probably because the old version didn't add malware to the library. It could be that the old version was not added to the malware library (Windows Defender did not block this version either) ---links removed--- I am no an IT expert, but I personally recommend adding keyboard logger and screen recording interception feature to KIS, similar to the "webcam protection" feature. Rather than finding all of these softwares and adding them to the malware library, this can essentially block a lot of malicious behavior.(In CN, some people use this kind of software to monitor others, and there seems to be no suitable software in Windows to perfect interception) System: Windows 10 x64 22H2 KIS Version: 21.2.10.391(j)

Hello @andrew75 & @kmscom, Enabling Gaming mode does not suppress this rotten Secure keyboard input is enabled (which, ioo, has no useable function, other than to annoy the living cr*p out of many users) - turning off Secure Keyboard Input - does not work either: Support say this cannot be managed. Thank you? Flood?+?

Hello, Unfortunately I cannot do that without my keyboard or mouse.

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Problem Environment: Citrix Virtual Apps and Desktops (Citrix XenApp and XenDesktop) with enabled option Citrix UPL (User Personalization Layer) Citrix App Layer Non-English Operation System localization. After installation of KSV LA 5.2, you can face the error "The specified path does not exist" which appears by launching any executable file. Possible root cause Both Citrix technologies use separate vhd files for creating VMs by using Citrix App Layer and for roaming profiles used by Citrix UPL. As the result, the merge of vhd files processes and Citrix driver returns incorrect path of where the executable files are. Workaround Install Kaspersky Light Agent 5.2 and ensure it does not connect to SVM. Disable Self Defense and exit LA. Add registry file from this archive. Launch installation of the latest cumulative patch from the archive (all further released Cumulative PFs will contain the fix as well). As soon as LA informs the restart is needed, restart VMs. Connect LA to SVM. Problem should be solved.

Ok , with this keyboard and mouse freezing cant use laptop at all now, don`t work usb external mouse and keyboard. Can`t do anything. So don`t tell me to check anything, install anything and reinstall anything. Is there any solution from CMD. Data and software inside i can reinstall pc, need to remove KIS how ?

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. The article is giving a working configuration instructions for domain authentication by using NTLM and Kerberos protocols. NOTE: Domain authentication in OpenAPI over Kerberos protocol has the following restrictions: Administration Server address must be specified exactly as the address for which the Service Principal Name (SPN) is registered for domain account name. In the domain, you need to set the Service Principal Name (SPN) to publish the OpenAPI service on port 13299 for the machine with the Administration Server, the service of which is running under the name of the domain user <domain-user>. Kaspersky Security Center 13 Web Console user must be authenticated in Active Directory by using Kerberos protocol. Kerberos authentication should be allowed in web-browser. For details, refer to documentation of used web-browser. Details SPN - Service Principal Name Log in Domain Controller as Domain administrator. Open powershell as admin and run the following commands: Powershell setspn.exe -A HTTP/hostname-node-1.domain.local -u domain\user-ksc-service setspn.exe -A HTTP/hostname-node-2.domain.local -u domain\user-ksc-service Example setspn.exe -A HTTP/kscw-node-1.sales.lab -u sales\ksc setspn.exe -A HTTP/kscw-node-2.sales.lab -u sales\ksc setspn.exe -L -u sales\ksc #command for check spn records #Response Registered ServicePrincipalNames for CN=KSC Service,CN=Users,DC=sales,DC=lab: HTTP/kscw-node-1.sales.lab HTTP/kscw-node-2.sales.lab Enable Kerberos/NTLM authentication in web browsers Microsoft Edge \ Internet Explorer win + r => inetcpl.cpl Activate the Security tab. Select Local intranet and click Sites. In the opened dialog box click Advanced. Add the host name of Adaxes Web interface (e.g. host.company.com). Click Close and then click OK. Click Custom level. Navigate to Scripting and enable Active scripting. Navigate to User Authentication \ Logon. Select Automatic logon only in Intranet zone and click OK. Activate the Advanced tab. In the Settings list, navigate to the Security section. Select Enable Integrated Windows Authentication and click OK. Mozilla Firefox - https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication Launch Mozilla Firefox In the URL window, enter about:config and press Enter. In the filter text box, enter network.negotiate. Double-click the network.negotiate-auth.trusted-uris option and enter the host name of Adaxes Web interface (e.g. host.company.com). Repeat previous step for the network.negotiate-auth.delegation-uris option. Google Chrome Add the Software\Policies\Google\Chrome\AuthServerWhitelist key equal to *.<domain-name>.local to the registry Add the Software\Policies\Google\Chrome\AuthNegotiateDelegateWhitelist key equal to *.<domain-name>.local to the registry

Hello @AugustsEve, Welcome back! There are two recent similar topics with very little information: I installed KS. After restarting my PC, I can’t login to my PC because I can’t type with my keyboard Laptop Keyboard Locked Confirm, before KIS was installed, the system was checked for incompatible software? Confirm the device meets KIS hardware & software requirements? Confirm the latest KIS patch(x) x=letter, is installed? Confirm Windows updates are all installed successfully? Has the Windows Keyboard drivers been refreshed? Has KIS been uninstalled saving the LICENSE key only & clean installed ? IF 1 to 6 are all OK, please contact Kaspersky customer service, either by Chat or Email, fill in Application malfunction, Other template; support may request Logs, Traces & other data, they will guide you. If selecting Chat option, we recommend you receive a copy of the chat transcript, make sure you fill in your email address AFTER the chat is activated by the Chat agent & complete the Verify your email address email AFTER the chat completes. When it’s available, please share the outcome with the Community? Thank you🙏 Flood🐳+🐋 Resource: (please) Read before you create a new topic! tutorial by @Danila T.

First I can't get my screen to print. If it makes sense to you I have an ASUS keyboard and a dell computer. I have tried the print scr and the alt and F7 key nothing. Windows: 22H OS BUILD 19045.4046 Chrome: 122.0.6261.95 official build 64bit As far as Kaspersky I can't get anything on that. I right click it only shows pin to start, more, history, settings, data base, tools and scan. Run error Failed to run Protected Browser. Reason: Process was stopped. I can only run safe money in firefox. Chrome and microsoft edge can't do.

Hello @Boncip, Welcome! No. No. The Subscription *owner* shares the subscription, to allow for the other user to use the subscription; from their MyKaspersky account, on (your) device they will be able to: View the list of computer security problems and fix *some of them* remotely, Scan the computer for viruses and other threats - Full scan & Quick scan, Update databases and application modules, Configure *some* Kaspersky components & Disconnect (your) device. *READ* Remote management of computer protection. They will not be able to see (your) passwords or manage any of (your) data/files etc. *READ* Shared protection & all the sub-articles. Also note, Remote management & remoting to (your) computer are *different*, in (your) Kaspersky application, Self-defense, do not Allow managing Kaspersky settings via remote control applications & do not enable external management of system services, *READ* Self-Defense settings (you) can Password protect (your) installed Kaspersky application, *READ: How to password-protect access to the application management functions - however, this may not prevent the subscriber performing the above actions in point 3. as they *own* the subscription & they have *shared* their subscription with you - so they retain some control: Any questions or problems, please post back? Thank you? Flood?+?

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Problem Sometimes it's necessary to check KATA detects, for example IDS, IOA, Sandbox detects. Step-by-step guide IDS detects (SPAN) To check IDS detects (SPAN) you can use tcpreplay utility on server configured to receive SPAN traffic. KATA 4.0/4.1 tcpreplay package for such versions could be found here https://rhel.pkgs.org/7/epel-x86_64/tcpreplay-4.4.4-1.el7.x86_64.rpm.html KATA 5.+/6.+ and tcpreplay tcpreplay package is not installed by default, so you should install it manually, using step-by-step guide below: 1) Download this package from HERE 2) Place downloaded file tcpreplay_4.3.2-1build1_amd64.deb to your KATA node. For example, use scp: [user@host]$ scp <your-path>/tcpreplay_4.3.2-1build1_amd64.deb admin@<kata-ip>:/tmp 3) Run installation on your KATA node with the next command: [admin@katahost]$ sudo dpkg -i /tmp/tcpreplay_4.3.2-1build1_amd64.deb Success! Now you can use tcpreplay on your KATA 5.+ or any other UBUNTU system! Before using tcpreplay you should enable tx capture for span: KATA 3.7.* In technical support mode from user root run following commands : systemctl stop apt-preprocessor.service systemctl stop suricata.service rmmod pf_ring Edit file /etc/modprobe.d/pf_ring.conf: change line: options pf_ring enable_tx_capture=0 min_num_slots=16384 # tx capture is disabled to: options pf_ring enable_tx_capture=1 min_num_slots=16384 # tx capture is enabled save file. Start pfring and related services back: modprobe pf_ring systemctl start suricata.service systemctl start apt-preprocessor.service KATA 4.0/4.1 Edit file /etc/modprobe.d/pf_ring.conf: change line: options pf_ring enable_tx_capture=0 min_num_slots=16384 # tx capture is disabled to: options pf_ring enable_tx_capture=1 min_num_slots=16384 # tx capture is enabled save file. In technical support mode from user root run following commands: systemctl stop docker rmmod pf_ring modprobe pf_ring systemctl start docker tx capture for span is now enabled KATA 5.0/5.1/6.0 - see https://forum.kaspersky.com/topic/how-to-enable-tx-capturing-in-kata-katakedre-37514/ Eicar traffic detect: Upload EICAR-Test-File_TCP.pcap sample to server with SPAN interface, then execute command from root shell: tcpreplay -i ens34 EICAR-Test-File_TCP.pcap # ens34 in this example is SPAN interface Nmap traffic detect: Scenario is the same as for Eicar detect, only .pcap file differs (# tcpreplay HackTool.Nmap.HTTP.C&C.pcap). After testing detects from span we strongly recommend to disable tx capture back again by the same way as described above for enabling. AM Engine Use EICAR's - https://www.eicar.com/ Email - send the EICAR via SMTP to KATA 25 port. (SMTP processing needs to be Enabled of course). ProTip: you may use local swaks mail client on CN to skip elaborate mail setups. swaks examples swaks --server 127.0.0.1 --port 25 --from antony@test.org --to cleopatra@test.org --attach eicar.com swaks --server 127.0.0.1 --port 25 --from antony@test.org --to cleopatra@test.org --body "link_to_EICAR_here" Endpoint - put an EICAR file to the endpoint and fetch it using GetFile task, queue for scanning. YARA detects By default, no YARA rules are supplied with the product. For test purposes one can use a test rule from YARA docs https://yara.readthedocs.io/en/v4.1.0/writingrules.html rule ExampleRule { strings: $my_text_string = "text here" $my_hex_string = { E2 34 A1 C8 23 FB } condition: $my_text_string or $my_hex_string } The rule will mark any analyzed object containing $my_text_string or $my_hex_string. TAA detects To check IoA detect (IoA detects can be checked only if you have KEDR license): Copy .bat file from attached archive Test_IOA.rar(not_infected) to any folder on host with installed EDR and start it. After some time(KATA need several minutes to transmit and process telemetry from EDR) check alerts in KATA. Alert should have type ioa_test_detect. For testing IoA detects on host more than once, .bat file should be placed to different locations on this host. On the host with installed KEA run command below in the cmd.exe shell: wmic.exe sfdguninstallkasperskyblabla There can be something else instead of sdfg and blabla, important part of command is uninstallkaspersky Command execution will fail with error, but it's not important. After some time new IoA detect should appear in KATA web-interface. TAA detects on chain of events (6.1+) To check TAA detections on chain of events, fist ensure the feature is enabled in KATA Web UI (and also, that customer's sizing allows this feature to be enabled). Then, on one of connected EDR hosts, unpack these archives and run .bat scripts: short_term_user_creation_complex.7z multiple_login_attempts_with_the_same_account_complex.7z IoC detects One can use the custom rule for testing - Ioctest.zip (infected123) - it is triggered for "c:\windows\system32\calc.exe" Automatic sandboxing in EDR To check automatic sandboxing: Unpack the archive with sample, use default password for samples: autosbtest.zip NB! Do not change MD5 of the sample. Run the sample on EDR-protected host and wait for automatic SB detect: For KESL: You can use files from attach to raise alert in KATA with Sandbox and KESL Unpack archive test_ioa_sb_linux.7z (password: "infected") and copy script "test_ioa_sb_linux.sh" with file "kl_kata_demo_starter" to host with KESL (use WinSCP or etc.). Check permissions for files: if it not executable, use command "sudo chmod 777 <file>". Run script using command "./test_ioa_sb_linux.sh" and wait to raise alert in KATA. Sandbox detect To check sandbox detect we can use file SA_sleep.exe from archive no_am_detection sample.rar. Password is inside text document in archive. Go to KATA senior security officer web-interface. Choose Storage → Upload and upload SA_sleep.exe from attached archive for KATA checking. Kata should enqueue it to sandbox , then a bit later verdict from SB should be Suspicious Activity. If SA_sleep.exe produces Not detected verdict then please use test_sb.bat from the test_sb.zip URL reputation Firstly, confirm K(P)SN is configured and works properly. MD5 used in this example should return UnTrusted status: Check KSN on KATA command for KATA 4.+ and 5.0: docker exec -it `docker ps | grep ksn_proxy| awk '{print $1}'` /opt/kaspersky/apt-ksn_proxy/sbin/ksn_client --ip 127.0.0.1 --hash 9C642C5B111EE85A6BCCFFC7AF896A51 for KATA 5.1: docker exec -it $(docker ps | grep ksn_proxy| awk '{print $1}') /opt/kaspersky/apt-ksn-proxy/sbin/ksn_client --ip 127.0.0.1 --hash 9C642C5B111EE85A6BCCFFC7AF896A51 Secondly, For traffic: access http://bug.qainfo.ru/TesT/Aphish_w/index For email (SMTP processing needs to be Enabled), send the link above via e-mail. For quick and dirty test: swaks examples swaks --server 127.0.0.1 --port 25 --from fisherman@test.org --to cleopatra@test.org --body "http://bug.qainfo.ru/TesT/Aphish_w/index"

First quick answer: > Has the *new* Kaspersky *application* been signed into, from the Kaspersky application. > I cannot do anything from the application itself, just see the window stuck with the need for an activation code Not 100% sure if I had shut down the pc completely, doubt that this will change things dramatically but will try a little bit later

During installation, you had to set a password for the admin account, and after the first launch, log in under it and pre-configure the solution (in terms of performance) If this stage is passed, then to enter Administrator mode, enter your credentials login - Administrator password - Administrator Also, don’t forget to check the local login checkbox. After logging in, you can change this password to the one you need https://support.kaspersky.ru/KATA/6.0/en-US/247449.htm

Kaspersky Virus Removal Tool (KVRT) does not have a command line interface that allows fine-grained control over certain scanning components such as system memory, startup items, and boot sectors. However, you can influence the behavior of KVRT by adjusting settings through the interface. If you want to perform a targeted scan of specific folders and exclude other components, try the following steps: 1. Open Kaspersky Virus Removal Tool: – Kaspersky Launch the virus removal tool. Applications on your computer. 2. Configure scan settings:- Look for options that allow you to customize scan settings. This is usually available in the application's settings or preferences section. 3. Exclude system memory, startup items, and boot sectors: - Check your settings to see if there is an option to exclude specific components from scanning. Look for a checkbox or setting to scan system memory, startup items, and boot sector. Disable or disable these options if available. 4. Set scan destination: - Set the scan destination to the specific folder you want to scan. Most antivirus tools allow you to specify a custom scan path. 5. Start scan: - After adjusting settings to exclude unnecessary components and specifying folders to scan, start the scan. Please note that the exact steps and options may vary depending on the version of the Kaspersky Virus Removal Tool you are using. We recommend that you refer to your product documentation or help resources for detailed instructions specific to your version. If you're looking for a lightweight and customizable command-line antivirus tool, consider checking out other antivirus solutions that offer command-line options for targeted scanning. Please note that the specific features and options available may vary depending on your antivirus product.

I appreciate your quick response. I think that Linux Machines will be upgraded during KSC 14.2 upgrade. I'm right? or Should I upgrade the Linux machines first and then run KSC 14.2 upgrade? Best regards

Hello @Stan_natS, how did you create the screenshot? The function using the 'PrtScr' key is permitted. This means that someone is sitting at your computer and operating the keyboard. Only the creation of a screenshot that is triggered by software should be prevented.

Is this what you wanted to find ? scroll down for release notes for previous versions https://support.kaspersky.com/KESWin/12.4/en-US/127969.htm and also look at the changes in hardware and software compatibility for the latest version 12.4 ... and for 12.2 12.4 - https://support.kaspersky.com/KESWin/12.4/en-US/127972.htm 12.2 - https://support.kaspersky.com/help/KESWin/12.2/en-US/127972.htm you can change the help description to suit the version you are interested in I'm afraid there is no ready-made quick comparison table...

Thanks. My version is 21.1.15.500© so that sould mean 2021. Hello @lorcav123, You’re most welcome☺ ! Correct About this, I have one more question, it should be the last one😅 On reddit I have some security discussion and one guy who saw this topic told me that I didn’t understand you, that Kaspersky browser extension offer also phishing protection, not only (as I understood) On screen keyboard. He told me this: “If using Security Cloud Free Kaspersky Browser Extension 2020 = Phishing & malware protection + on-screen keyboard (only) If using Security Cloud Premium Kaspersky Browser Extension 2020 = Phishing & malware protection + on-screen keyboard + Anti-banner + Private Browsing That’s what Kaspersky meant by ‘only’. The browser extension communicates with Security Cloud Free and provides additional protection beyond Web Antivirus. It’s ‘not’ simply there for the on-screen keyboard.” So is he correct? Also for Brave and Vivaldi I just wanted to say regarding this test I posted, that download window appers and when I click save Kaspersky block it (Virus warning), so means it working 😉@Igor Kurzin’ is right.

Hello @jbqld Welcome! So we don't have to guess, please: Read before you create a new topic! by Danila T. & provide the information? In the Kaspersky main window, are there any colours other than *green* & OR are there any *Notifications*? When the 'Windows Security to turn on Virus & Threat Protection' alert happens, in Windows hidden icons, when you look at the Kaspersky icon, what do you see? In Windows Task-manager - when the 'Windows Security to turn on Virus & Threat Protection' alert happens - how many Kaspersky application processes are running? Check & make sure Performance, PC resource consumption -> Launch Kaspersky at computer startup (recommended) is *enabled*? Has the computer been shutdown, using Shutdown, not Restart, then powered on by pressing the Power button & logging in at the login prompt - IF 'NO', please proceed with this *Shutdown* & power on procedure. Please post back? Thank you? Flood?+?

If I have the occasion to open the Secure Keyboard on sites other than those listed in Safe Money, it will open but will not operate and yet in my settings for Secure Keyboard in KIS I have ticked all internet media as well as banks etc I may be wrong but I feel that in the past I was able to use the Secure Keyboard whenever I wished to on sites that were not on Safe Money So, am I right or in fact is it only Safe Money sites where the Secure Keyboard will operate?. If so then that’s the answer and I accept that that ends the matter. However if it should work then what might be the problem? I have KIS 20.0.14.1085(m) running on Windows 7 Home Premium and the latest version of Google Chrome if that helps Thanks

Laptop Lenovo Legion win11 23H2 Kaspersky Premium. Trouble waking up after sleeping. Sleep state: Standby (S3). Only one power plan that is Balanced (and after powercfg -restoredefaultschemes). Sfc /scannow OK Note: I have an external mouse and keyboard that allow the system to wake up. The strange thing I have noticed. When I put it in sleep mode, it wakes up normally. When I leave it alone without work (Balanced option), and it "sleeps" it does not wake up. Perhaps I notice that this is a different sleep. In force sleep everything turns off and the Power button flashes. In the second case it's like the fans are running and the Power button is solidly on. (Here it does not wake up and is forced to power off). (Hibernate is OFF)

Hello @XM42, Welcome! Please let me know: (Child) Device operating system and version? Child age? KSK version? KSK Premium or Free? TouchPal Keyboard version? TouchPal Keyboard - where is it sourced from? May I have the source URL please? What application category has KSK defined for: TouchPal Keyboard? Do you wish for TouchPal Keyboard to be available for the child to use, but need it to have “Safe Search” capacity or you do not wish for the child to have access to the TouchPal Keyboard?Please post back? Thank you🙏

Ok here are the steps I had to do . 1. removed McAfee from add and remove programs. It appeared to be successful . Started the Kaspersky standard installation , it detected McAfee WebAdvisor was still detected . and incompatable . I was not really surprised about that WebAdvisor was not removed by just deleting from the add and remove 2 So I cancelled installation , and use the McAfee tool and ran. Then went back to install Kaspersky . 3. Installation went well , already ran quick scan all is good , so no more issues Just wanted to update how it went for me on windows 11. Thanks again ?

In what respect @tunathefish? Most people know not to use anything other than the *recommended* OS. Read: Smart Home Monitor resources. Read: Wi-Fi Analyzer resources. Also, there's many Smart Home Monitor topics in the Forums - you can refine the search according to your requirements: https://forum.kaspersky.com/search/?q=Smart Home Monitor&quick=1 Thank you? Flood?+?