Search the Community

Hello folks I made a request and received very quick response from Kaspersky support. Sorry it's in german but the main information (imho) you can find on https://dontkillmyapp.com/nokia which is in english. As I have no experience with adb I only have changed the settings of both of the enwell.powersaving.g3 (stopped and disabled). But it hasn't worked. Enabling other enwell-apps caused huge amount of problems which ended in Hard-Reset. Answer from german support: Bei den Nokia-Geräten ist es so, dass die Nokia-Firmware oft die Anwendungen abschaltet. Haben Sie schon folgendes ausprobiert: https://dontkillmyapp.com/nokia Gehen Sie zu Einstellungen > Anwendungen (Apps) > Alle Anwendungen anzeigen. Tippen Sie oben rechts auf das Menü > System anzeigen. Suchen Sie die Energiespar-Anwendung in der Liste, wählen Sie diese aus und erzwingen Sie das Schließen. Es bleibt bis zum nächsten Neustart gestoppt. Von nun an sollten Anwendungen im Hintergrund normal funktionieren und die standardmäßigen Optimierungen für den Android-Akku verwenden.

I installed the free SAS and ran a scan without incident. Later that evening, KAV ran a rootkit scan on its own and I ran my normal quick scan, both without any incident. The system has been shutdown and re-booted, again with no incidents or complaints from either product. It appears that whatever incompatibility the install process was complaining about is left over from earlier days and has been resolved. If anything comes up later, I'll certainly be back to talk about it. Thanks for the encouragement.

Hello BuboBubo, Thank you, it will indeed be very interesting to read what the Lab advise? Especially now, they've advised enhanced KSK "control": Alex Perekalin, June 17, 2019 Smart control for smart kids http://links.kaspersky.sm/c/2GG/H1j/KDMm9Do0kbw-LF4_EwPl2y/bP/P_J/F/40cb6a2e Our kids should surpass us in every way: talent, looks, happiness, intelligence. But children seem to get too smart too quick these days, and they can end up giving their parents the runaround in the most innocent yet cunning ways. Today’s fifth graders know very well what their parents are hiding from them, how to open locked doors, and where to find forbidden fruit online. To stop inherently curious kids from venturing off the trail online, we have parental control applications, such as Kaspersky Safe Kids. In theory, these programs restrict access to apps and websites that, according to parents, are not appropriate for kids’ consumption. But in practice, children quickly learn to bypass such restrictions or even use them for their own purposes. If you see that your child has bypassed your parental controls, your initial reaction may well be overwhelming pride — what a brain! But it’s clearly a problem, and the solution isn’t immediately obvious. Never fear: We’ve updated Kaspersky Safe Kids to tackle three typical problems that parents of overly savvy kids might face. The buck stops at WikipediaKaspersky Safe Kids has always had an option to restrict access to websites with particular types of content. It is quite typical for parents not to want their youngsters to peruse adult content, read forums about weapons, or obtain information about certain other topics. But classifying all websites on the Internet is fundamentally impossible — they appear faster than we can squeeze them into categories. So, crafty kids have always been able to find what they wanted on some obscure sites that we had not yet managed to add to our lists. But no more. We have implemented the Block all websitesfeature, which (as the name suggests) blocks access to all sites except those that parents manually add to the list of exclusions. So, say, Wikipedia, NASA.gov, and other potentially useful tools can go in this list, and children’s access to all other sites is safely blocked. The option is disabled by default. If you turn it on, all sites, except those you’ve added to the white list, are effectively blacklisted, thus preventing children from viewing them. The feature is currently available only in Windows, but will soon appear also in Kaspersky Safe Kids apps for Android and iOS. How to keep access to your favorite applications“Mom, I was at Tony’s house! Yes, till 10 p.m. No, I couldn’t call or text. You blocked all the apps yourself, and told me not to call ’cause you had important meetings. So I didn’t call.” To many users of Kaspersky Safe Kids, such excuses may sound familiar. The application has a function that allows you to block access to all applications except the phone – which is handy, but, as it turned out, not sufficient. Messengers have invaded our lives to such an extent that it is often easier to use them to contact your kid than to call, for a variety of reasons. As a result, many parents requested a feature that would let them create a white list of applications that includes more than the phone itself, and to block everything else. We listened and added such a function to the new version of Kaspersky Safe Kids. Now it is possible to whitelist useful applications and block all the rest during a certain period of time (say, 8:00 a.m. to 6:00 p.m., Monday to Friday). In other words, you can ban games from the classroom but allow anytime use of electronic dictionaries and the messenger you use to keep in touch. This video demonstrates how to set up the feature: Deleting Kaspersky Safe Kids just got harderPerhaps the worst headache for parents of smart, persevering kids occurs when the kids try to turn off or delete Kaspersky Safe Kids, and then use the device as they please. On a computer, this is harder to do (and no, we don’t have an instructional video for that), but on Android it’s relatively simple. Actually, that’s a problem common to all parental control applications, not just ours — easy deletion is an Android OS quirk. Kaspersky Safe Kids uses certain permissions for overriding the system interface with its own. This is necessary, for example, to block access to settings that the child could use to turn off parental control permissions, depriving the application of a good half of its features and effectively disabling it. But on some devices it was possible, by prodding the screen very quickly, to get into these settings and rob the application of the permissions required for its operation. Very few manage it with the first attempt, but, as everyone knows, children can be amazingly persistent when it comes to things that aren’t allowed. So given enough tries, someone was bound to get inside. Now, however, after two such attempts, Kaspersky Safe Kids temporarily blocks the phone for a minute, preventing the child from disabling parental control.

Hi Caos, thank you very much for your quick reply. Our workstations all have the S: drive mapped to our server folder \\TSVSRV01\DATA. Question 1: For the field Name or name mask of file or folder in the attached screenshot, what exactly would you specify? Simply"S:\" or rather "\\TSVSRV01\DATA"? Question 2: For the checkboxes, since I'm going to have my server scan this folder and all it's subfolders. Would it be okay for me to SELECT each checkbox... implying that my workstations won't at all scan or apply any of the other components to this folder? Thanks for your patience Caos. I can't get over how light Kasperky is in comparison to other antivirus software I have tried. So far so good. Regards, Michelle

Hello -Question- When i search through a file (.exe) using Kaspersky Internet Security it finds a file that it considers a threat. C:\Users\Me\Downloads\Patch.exe//File4260 It looks like it is a file in the installer/unpacker that it considers suspicious and not the .exe itself. The search itself searched through roughly 25 000 files. Kaspersky says the name of the object/threat is "not-a-virus:RiskTool.Win32.HideExec.bm" Kaspersky also gave me a choice when i came to handling the threat, that i could actually add exception for it or ignore it. So it seems that kaspersky doesen't see it as super dangerous? What does "HideExec.bm" mean? Is there any way i can figure out what the object in question does? I placed the suspicious file in quarantine and removed almost instantly after i searched through it and found the suspicious file. As stated in the Background below alot of people, including myself, need the patch in order to run the game at all. I will consider re-downloading the patch and using it depending on the feedback i get on this forum. I have read the kaspersky website blog post about "Not-a-Virus" but i still do not know if i should trust the identified object in question. (https://www.kaspersky.com/blog/not-a-virus/18015/) -Quick Background- There is a somewhat old game in which alot of people NEED to use an unofficial patch in order to get to run/function. The patch can be obtained from a well known website that alot of other modifications/patches can be downloaded from. There is nothing suspicious about the website itself. (https://www.moddb.com/) On the forum dedicated to the game on Steam, alot of people have brought up the fact that their antivirus program treat the patch (.exe) as suspicious or even as a virus. Many users ignore the warnings of their antivirus and run and use the program anyways. Because it's an easy way to get the game to run. I think the .exe itself is an installer for the patch for the game. Probably an "unpacker" of sorts. (User run program -> User selects game directory in the installer -> Program places a bunch of files and such in the game directory + a folder structure -> Patch Finished/Installed) There is alot of people who say it is a false positive and there is nothing to be worried about, that the antivirus treat it as suspicious because it is an .exe file. That the creator is trusted and alot of people are using the patch etc... Thank you for reading. Sorry for the long post and bad English.

me34 run a quick scan with active and inactive exception, this is enough to check either run the file that is added to the exception, with the active and inactive state, there will also be a difference

will be detected, because you run a selective scan of the file, and it runs when you wish, otherwise it will be an error that the scan is not performed during a quick and complete check, the file will be excluded from the check on the object that you specified in the exception and the protection components you specified

Hello JeffreyStratton, Thank you for the information and the screenprints - very helpful! Yup, Kaspersky is detecting httpcolonslashslashs3-us-west-2.amazonaws.comslash dropmockslashkineticslashtemplatesslashx=etc as malaware. (URL/link modified to comply with Community rules) 69 other engines show the same url/link as clean. Sometimes, due to the every changing nature of malaware, viruses and other "bad" things, the definitions and categorisations published by AV providers and referenced in database updates make false positive detections. The best course of action is to escalate the issue you've identified to Kaspersky Malaware Experts & asking them "why" the detection is happening to a DropMock program you've always used safely? If the detection is valid the experts will provide you with an explanation. If the detection is a false positive the experts will fix it & advise you. The turnaround time by the expert team for this type of issue is usually fairly quick. Please do let us know the outcome? Many thanks!

SAJFLADD Yes, a rootkit scan is also performed during a quick scan. Fast scanning requires more system resources than rootkit scan. I would not turn off rootkit scan, which is performed once every 24 hours

Tks. Have done the first part. Will try the settings part Quick Scan.

Clear check box Search for software that is intended to conceal traces of a malicious program in the system (rootkits) https://help.kaspersky.com/KTS/2020/en-US/68153.htm In Seting - Scan section, set up a schedule Quick Scan https://help.kaspersky.com/KTS/2020/en-US/68154.htm

Redmat - ransomware-type infection. The infection comes from the Djvu ransomware family. Redmat is a high-risk ransomware designed to stealthily infiltrate computers and encrypt most of stored data. Ah right, a quick search of Kaspesky's and nomoreransom.org's list of decryptors yields nothing for Djvu ransomware

Re: "why not say to developer: "Hey! Your software has many strange things and a lot of trash/unwanted software, to make it compliant, take off this and this and your software now is safe! If it is a very good software then ask for subscription or a TIP."? Because it's a developers job to know what features of their products will potentially be flagged as "Riskware" and to refine their products so they're compliant. It's not Kaspersky's or any other AV providers job to search the Internet and tell every developer, "your software is a problem because of a.b.c.d, do x.y.z make it compliant. You could raise a request with DriverPack developers, asking them to remove the "many strange things and a lot of trash/unwanted software". A quick search shows many people asking similar questions to your OP. (imo) DriverPack developers already know, they prioritize making money and pushing riskware as opposed to customer care.

Just a quick update, the VPN is now broken on the old server after updating to KSC11 and KES11.1. It was tested and proved to be working fine for a few days and then it started failing today. What needs adding as an allow rule in web control to resolve the vpn issue? The domain name of the vpn has already been added originally and that's not resolved the issue. My presumption is that the issue is KES11.1 rather than KSC11.

Hi, Still waiting for your quick response. Thank You

Hi "Flood" thanks for your quick reply I am french so obviously french will be great but english in a reaonnable level would be fine also I don't need explanation from kaspersky website that i already read many times. Everything works fine on a daily basis (block apps, limit time, request/permission...) I need a patch or a solution to prevent my son to play around with his WIKO Ufeel and disable KSK I have KSK 1.17.0.907 on my mobile (master) i have to check his when we are back at home tonight Thanks in advance

Thank you for the very quick reply. I know I have to buy a licence to use it permanently, but want to make sure i can use the free trial then use a code from ebay or Amazon to then use it permanently.

I mean you could test it in multiple VMs But a quick search through the EULA, I can't find any mention of devices or PCs (using the find function in Notepad) This is the EULA from the KFA (EU Version), if you find anything related to device limits let me know. https://pastebin.com/96jZ6nsv It's on a Pastebin link because of the forum character limit

Hello Agentgraves84, Thank for posting back! Re: Winodws Firewall alert: The "emergency" quick thinking actions you took are exactly what's required. Re: "Use browser command line, Internet Control Panel. windows/system32/inetcpl.cpl" Internet Options inetcpl.cpl Opens the classic Internet Options window. Manage Internet settings that Internet Explorer and other browsers may use. Can you check, how often this specific event is reported? Is Safe Browser/Protected browser running when this event occurs? Please check: **start Internet Explorer - normal browser a) change several Internet Explorer settings check Kaspersky application Reports - any events? **start Protect Browser b) change several Internet Explorer settings check Kaspersky application Reports - any events? Also, if it's not too much trouble, may we have a GSI https://support.kaspersky.com/common/diagnostics/3632#block7 please? Thanks!

Many thanks for the quick reply harlan4096. I suspected that might be the case. Is there an eta when F might be released? I am wondering whether its worth the effort of rolling back the upgrade or not :-) thanks Paul Also - what isn't going to work. I have tested file virus detection - works. I have tried Wicar website and dangerous URL's blocked..... Thanks

Many thanks for the quick reply harlan4096. I suspected that might be the case. Is there an eta when F might be released? I am wondering whether its worth the effort of rolling back the upgrade or not :-) thanks Paul

Hello, I using macOS Mojave 10.14.5 and KIS 19.0.0.294a.b.c.d. It happens very frequently to have the scanning (let it be Quick or Full) hang at the same object com.apple.telemetry. I'm unable to stop the scan too. The only resolution is to restart the machine. This issue was present on High Sierra too. Please advise. Thank you!

Hi, I have 2 problem with Kaspersky Small Office Security Unable tp update. I clicked the Run Update button, the button become grey color, and it stuck there. No progress for updating database. I also not able to run Virus scanning. It keep show me Previous Scan Failed. For Quick Scan and Full Scan I'm running on Windows Server 2016 Standard Edition. Dell Server with Raid 1. Anyone have idea how to fix this? Thank you.

Windows 7 Pro SP1 64-bit My current AV product, Avira Antivirus Pro, underwent some really unfortunate changes recently, rendering it unusable for my purposes, so I'm looking for a replacement. I thought I'd try the free version of Kaspersky and maybe some others before buying anything. I completely uninstalled the Avira product, downloaded and installed Kaspersky Free without incident. Ran the full scan successfully. Configured a weekday quick scan and a Sunday full scan and went about my day waiting to see how it would work. A few hours later, I opened the Kaspersky Free UI to inspect a few settings and found that NONE of the UI controls would respond. I couldn't even get the program to exit. I was only able to close the UI by logging out. I repeated the process a few times and had the same result. I wanted to uninstall and re-install the product, just in case I had missed something, but was unable to uninstall. Invoking the uninstall process brought up a dialog, whose contents I'm ashamed to say I don't remember. Nonetheless, that UI was also completely unresponsive. Unfortunately, the only way out of this condition was to manually reboot. I tried the uninstall again with the same result. Since I really needed to get back to work, I gave up and restored my OS partition from last night's backup. What's going on here? I'd really like to give this product a fair test and am pretty sure it wouldn't be widely used and highly rated if this was a common problem. What am I doing wrong? What should I be looking for?

Hello, and thanks for the quick response. Yes, I have tried adding the decrypting software to the trusted zone as "**\IronKey.exe" and also added other programs based on this list. I stopped pursuing the application route at this point after I found that disabling device control for CD-DVD drives was the only difference between it working or not. Here are links to our Global Policy and the Policy Profile in use for these PCs and users just in case the profile isn't part of the main export. I have confirmed that the PCs are using the profile through local event logs.