Search the Community

Hello, @Leo24 Received, then there is no problem with the file itself, so let's investigate who loaded this file and made the error. We may need to try to find some clues in the Windows logs. We need to get here. Start by pressing the Win + R keys on your keyboard. Second, in the pop-up Run window, type: eventvwr.msc and press Enter. Check the opened System Event Viewer for anything about the kernel32.dll error and see if there is any mention of the process that went wrong. We are waiting for your reply if you find relevant content. Regards.

"Maybe you can tell us which program you run when this error appears" •Please be informed that during download pdf articles, such announcement ..."kernel32.dll ... Entry Point Not Found"... popped up twice on two separate occasions. Also such announcement popped up, while using Pdf Creator, within an attempt to "print" the selected article. Moreover, Acrobat Reader DC version 22.3.20314.0 used to freeze for ~ 10 seconds after file opening. So, it was uninstalled and replaced with the earlier AdbeRdr11010. "whether there is any malicious program activity on your computer" •In fact, Internet drop-outs persisted for some time! Ten minutes after starting Internet session and then variously. As I was about to finish and while checking Wireless Network Connection Status, often interruption occurred. • "You can send a screenshot of the error here" Sadly, I failed to figure it out on my Latitude E5540 (Win 7 Pro), while using Fn + Print Scr keys. Possibly, due to the planned obsolescence by Dell. Consequently, some keyboard keys didn't work, yet the numeric pad numbers functioned OK.

Hello @Gigabyte You’re absolutely on the right track by blocking attacker IPs temporarily and focusing on keeping everything up-to-date. The combination of Kaspersky Endpoint Security (KES) and Unifi Network Application running on the same server does introduce unique complexities, especially when managing network security in tandem with endpoint security. Let’s optimize your monitoring and incident response a bit further. Suggested Steps to Streamline Your Approach: 1. Adjust Temporary IP Blocking Policy for KES If you notice multiple repeated attacks from the same IPs, consider increasing the block time from 1 hour to 24 hours or longer to reduce workload. Use Kaspersky's automatic response settings to log attack sources more effectively and identify persistent threats. 2. Check Kaspersky Logs More Thoroughly In KES, look under: Copy code Reports → Intrusion Detection or Network Threat Protection Look for event logs that indicate blocked attacks and cross-reference the exact timestamps with the Unifi Network Application logs. This can help determine whether it’s a real attack or an environmental quirk (e.g., false positives from network probing tools). 3. Enable KES Application Control Policies (if not already active) Set rules that restrict the Unifi Network Application’s communication to trusted IPs only. This reduces the risk of malicious actors exploiting vulnerabilities in either the network or application console. 4. Unifi Controller Logs and Device Segmentation Strategy Even though the Unifi APs remain functional when KES blocks an IP, it’s worth checking: Events and Alerts in the Unifi Network Console: Look for anomalies like multiple disconnections or abnormal bandwidth usage. System logs on the server hosting the Unifi application to confirm there’s no indirect issue. Use device grouping and segmentation to ensure critical infrastructure stays isolated from guest and IoT devices on the same network. This minimizes attack surfaces. 5. Regular Threat Intelligence and Firmware Sync Continue applying the latest firmware and software updates to both KES and Unifi systems. Subscribe to Kaspersky’s Threat Intelligence feeds and Ubiquiti’s community alerts to stay ahead of any vulnerabilities or zero-day issues that may arise in their platforms. 6. Automate Device Blocking via Unifi Policies (Optional) If attacks become more frequent, you can configure Unifi's firewall rules to temporarily block devices at the AP level, rather than relying solely on KES. This will ensure that malicious connections are dropped network-wide without affecting device usability. 7. Conduct a Test Simulation Simulate an intrusion attempt in a test environment to ensure both KES and the Unifi Network Application work harmoniously without introducing conflicts. This will also give insights into which logs to focus on for quick future troubleshooting. In essence, it sounds like KES is doing its job well by blocking suspicious connections without disrupting regular operations. Keep up the monitoring efforts, and cross-check logs regularly to ensure alignment between KES and Unifi security policies. If the issue persists or escalates, a more permanent IP blacklisting strategy or additional network segmentation rules might help eliminate attack vectors more effectively. Thank you

Hello @Ray Jax No need to worry! Since Kaspersky blocked the download, it successfully prevented any potential threat from affecting your system. Just a few steps to ensure peace of mind: Delete Any Residual Files: Although Kaspersky blocked the download, checking your downloads folder or temp files for any incomplete or suspicious files is a good habit. Scan for Potential Threats: Running a quick or full system scan with Kaspersky will confirm that no other parts of this download attempt slipped through. Keep Kaspersky Updated: Ensure your antivirus definitions and program are fully updated so it continues catching any future threats. If Kaspersky blocked it right away, your system should be safe, and no further action is needed beyond these checks! Thank you

@harlan4096 The file (MsiInfo.exe) still shows up as corrupted when I do a quick scan. Also, I hadn't mentioned earlier, but there is also another thing that shows up: Event: Object not processed User: OMNI\[redacted] User type: Active user Component: Virus Scan Result: Not processed Result description: Not processed Object type: File Object path: C:\Users\[redacted]\AppData\Local\VirtualStore\Program Files (x86) Reason: File not found Anything I should do? Should I upload the file here(somehow)?

Hello, I'm using Kaspersky Plus and I have an issue with downloads. Whenever I try to download something from a browser, Kaspersky blocks it. This is especially noticeable with medium to large size files. Kbs files most of the time are no problem cause they're quick enough to download. But the larger files get blocked during the process. It happens on every site, even files from the Kaspersky website get blocked. If I suspend the Kaspersky protection, I'm then able to download files without problems. Kaspersky Plus version: 21.18.5.438(a)

Hi guys, Thanks for the quick response. #3. Yes, it has been running on my system for almost a year but I always had issue with Gliffy and Draw.io in Confluence. They just did not work. Yesterday, after some months of quiet time, I gave another go to Confluence with Draw.io (a new temporary full license and added Draw.io to my space). I made my first diagram but after saving it, I got the error above, "Diagram Not Found". I tested this issue with Edge, Chrome and Firefox (including private browsing) on Windows 10 and I could not see my diagram in Confluence. Then I read the following case at the Atlassian Community website. So I de-installed Kaspersky Premium and surprisingly I could see my Draw.io diagram in all Internet browser platfroms. Then I re-installed Kaspersky Premium (it was a clear install", and installed/enabled Kaspersky Protection Extension for Firefox. This produced the original problem with reading my Draw.io diagram. I played with Kaspersky Protection Extension for Firefox but nothing worked (even disabling it). So I removed Kaspersky Protection Extension from Firefox, and restarted Firefox. Unfortunately, my Draw.io still did not work and Kaspersky Premium still showed that the Kaspersky Protection Extension for Firefox is ON. Then I stopped and started Kaspersky Premium again and finally it showed that Kaspersky Protection Extension for Firefox was not enabled. And my Draw.io diagram worked again. #2. I will test this and come back #1. I did not enabled Kaspersky Protection Extension, for Private Browsing. But I tested the issue on all the three Internet browser platform in Private (Firefox), Incognito (Chrome) and InPrivate (Edge) modes, none of them worked. The same happend in non private mode of these Internet browsers. I will set this up for Private browsing to see how it works.

How hard is it to give us an option to disable that very annoying popup? Your users have been suffering for years and have been asking for a way to get rid of the secure keyboard input popup while still having the feature ENABLED and working in the background, but things are the same even with your latest editions (Kaspersky Plus). I think whoever thought it was a smart idea to remind the user about it every single time shouldn't have the power to manage and develop your software. Im a paying customer since 2006 and I had to turn off this feature and live without it whenever it came out (it's definitely been 5+ years). I just moved to a new computer and I've been configuring my settings and guess I will still need to disable it and live without that feature for many years to come...

Hello @ LouisLewis To address the attack and improve your protection, I’ll walk you through several possible solutions to enhance your Kaspersky Endpoint Security (KES) configuration and bolster your network defenses. Since this attack caused a disruption, it indicates either a potential misconfiguration or an area where additional layers of protection are needed. Here’s a step-by-step approach to strengthen your setup: 1. Review Kaspersky Configuration and Policies Application Privilege Control: Ensure Application Control is fully enabled and configured. Set up Network Rules to restrict certain IP addresses or block applications that attempt suspicious outbound or inbound connections. Intrusion Detection and Prevention (IDS/IPS): Enable the Network Attack Blocker feature in KES if it’s not already active. This module can detect and prevent suspicious network behavior. Web Control: Use Web Control policies to block access to malicious sites or IPs flagged during the attack. Cross-check the IP in Kaspersky’s threat intelligence or an external source like VirusTotal to confirm its malicious intent. 2. Block the Attacking IP Address on the Firewall Even though KES offers endpoint protection, it is crucial to complement it with perimeter defenses. Add the IP to your firewall blocklist. Use Geo-blocking if the attack originates from a suspicious or irrelevant region. Implement Rate Limiting or Traffic Shaping on your firewall to mitigate DDoS or flood attacks. 3. Enable Firewall and Host Intrusion Prevention on Endpoints Make sure that KES Firewall is properly configured: Add a custom rule to block the specific IP address involved in the attack. Enable Host Intrusion Prevention (HIPS) to detect and block exploitation attempts on endpoints. 4. Update Threat Feeds and Indicators of Compromise (IoC) Use Kaspersky's Threat Intelligence feeds and any available IoCs to proactively block known bad IPs or domains. If your KES has EDR (Endpoint Detection and Response) or Threat Hunting capabilities, upload any indicators (e.g., the attack method or IP address) to block future attempts. 5. Advanced Logging and Alerts Setup Enable event logging and notifications in Kaspersky Security Center (KSC): Configure alerts for specific events such as repeated failed login attempts, new IP connections, or brute force attacks. Integrate KSC with your SIEM solution to get real-time monitoring and correlate logs for suspicious activity. 6. Check for Configuration Gaps Run a KES Policy Audit: Make sure all machines have the latest KES policies applied. Use Security Profile Reports in KSC to identify any endpoints with incorrect configurations. Install Kaspersky Network Agent (NA) on all endpoints to ensure real-time communication with KSC. This helps with quick policy updates and ensures accurate reporting. 7. Complementary Security Measures Implement Multi-Factor Authentication (MFA): This mitigates risks from unauthorized login attempts. Patch Management: Ensure all software on your endpoints is up-to-date to avoid vulnerabilities. Summary of Actions: KES Configuration: Ensure IDS/IPS and firewall rules are configured correctly. Add IP-specific block rules. Firewall Configuration: Block the attacker’s IP and implement rate limiting. Alerts & Notifications: Enable logging and alerts for suspicious activity in KSC. Threat Intelligence: Regularly update Kaspersky with IoCs and threat feeds to block known malicious IPs proactively. By reinforcing both KES and your network firewall, you’ll minimize the chances of a future attack causing service disruptions. If you need help auditing your Kaspersky setup or configuring any of the above features, let me know! Thank you

Hello, Please check this article for further details about adding an Applications Launch Control rule : https://support.kaspersky.com/KSWS/11.0.1/en-US/178908.htm

I'm trying to install kaspersky stander plus, once downloaded the installer do nothing. I have tried: Run as administrator Clean temp files Installed framework 4.8 Windows updates are up to date I dont know what else to do. The installer does not run on windows 10. The wizard to instal the antivirus does not appear.

Hi, I had run a quick scan about two days ago, and I hadn't noticed that the AV had found two (one?) corrupted objects and a missing file. Just wanted to know what I can do about it and what it means. The relevant part of the log: 10/14/2024 6:32:35 AM C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\MsiInfo.exe\Obsidium Corrupted Object corrupted File C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\MsiInfo.exe// Obsidium Corrupted OMNI\[redacted] Initiator 10/14/2024 6:32:35 AM C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\MsiInfo.exe Corrupted Object corrupted File C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86 MsiInfo.exe Corrupted OMNI\[redacted] Initiator 10/14/2024 6:34:03 AM C:\Users\[redacted]\AppData\Local\VirtualStore\Program Files (x86) Not processed Object not processed File not found File C:\Users\[redacted]\AppData\Local\VirtualStore\Program Files (x86) Not processed OMNI\[redacted] Active user

Why after installation of a new Kaspersky Premium my PC won't shut down? Takes ages and I switched off by force. With previous Kaspersky Total Security it used to start up and shut down very quick. OS is Windows 10. What is the problem of VPN Kaspersky Secure Connection? When I try to use it almost all websites open blank page with error: 'Anonymous Proxy detected'. As I understand the purpose of VPN Secure Connection is to hide my real IP and to avoid any proxy detection. I tested it with all servers list from countries A to Z.

Hi Flood, I just did some quick research on this UltraAV, I can't trust it. If Kaspersky is out of the queue, I am switching back to bitdefender as my backup plan. Where can I process a partial refund? I am not using this garbage. Or as far as I know, they are banning the US license right? So can I just get a Euro key instead? So I can get my damn database updated?

Procedure for Potentially Reconfiguring Linguistic Parameters within the Kaspersky Application Post-OS Transition: Initiate the Kaspersky Interface: Firstly, activate the Kaspersky utility, ensuring it is not impeded by any underlying processes from the prior OS version, now upgraded to Windows 11. Navigate Toward Configuration Modules: Identify and interact with the ⚙️ symbol, generally discernible in the application's inferior-left quadrant. This interface pathway should theoretically transport you to the settings repository. Seek Out Semi-Autonomous Locale Variables: Once within the labyrinthine settings structure, embark on a meticulous search for the subcategory ostensibly titled Interface or, potentially, Appearance, wherein cryptic references to language modulations (commonly known as "Sprache" in German parlance) might be obscured. It’s essential to scrutinize every potential cue indicative of linguistic preference settings. Modify the Linguistic Parameter: From within the probable dropdown schema, initiate the reassignment of the operative language to the desired Deutsch (or Italiano, contingent on previous user configuration). Bear in mind, the exact location of this menu may be obfuscated by other non-linguistic interface variables. Application Reboot Procedure: Upon successful reconfiguration of language parameters, allow the system to prompt a termination and subsequent reinitialization of the Kaspersky application. Failing this, manually initiate a cessation of all processes associated with the application and commence a fresh launch. Optional Reinstallation Protocol: Should the aforementioned methodology prove futile, consider a complete procedural removal of the Kaspersky software package. Subsequently, navigate to the official distribution portal, and during the reinstallation process, exercise extreme vigilance in selecting the appropriate linguistic module—Deutsch (or Italiano)—at the preliminary stages of the installation process. By adhering to these labyrinthine instructions, you may ultimately succeed in reverting the application’s operational language to the initially intended state. If issues persist, further deconstruction of the user environment may be necessary.

Hello @blueice It sounds like Kaspersky is flagging your licensed WPS installation as a potential threat, possibly due to a false positive. To resolve this, you can whitelist WPS Office in Kaspersky's settings to prevent it from being removed automatically. Here’s how to do it: Steps to Whitelist WPS Office in Kaspersky: Open Kaspersky: Launch your Kaspersky security software. Go to Settings: In the main interface, click the gear icon (usually in the bottom left) to open Settings. Access Threats and Exclusions: Under Settings, look for the Additional section, and select Threats and Exclusions. Manage Exclusions: Click Configure exclusions under the Exclusions section. Add WPS Office to Exclusions: Click Add to create a new exclusion. Select Browse to locate the installation folder of WPS Office (often found in C:\Program Files or C:\Program Files (x86)). You can add the WPS folder, and make sure to check the option to exclude it from all protection components. Save the Exclusion: Confirm your changes by clicking Add and OK. Save and close the settings menu. Verify: After whitelisting, try reinstalling WPS Office and check if Kaspersky still removes it. If Kaspersky Still Removes WPS: Make sure your Kaspersky software is up-to-date, as outdated virus databases can result in more false positives. You can also contact Kaspersky support to report this issue, so they can review it and possibly remove the false flag in future updates. Let me know if this works or if you need more detailed instructions!

There seems to be some issues with Kaspersky Safe Kids 23.0.0.418 and Fortnite - Which both my kids play regularly. When launching the game it will hang and then leave me no choice but to restart the computer (can't even open task manager). Even when disabling Kaspersky Safe Kids this issue still persists. Only when I fully un-install the application does the game work again. I can replicate this by then installing Safe Kids again which will produce the crash on launch. I can only assume Safe Kids is trying to capture what is happening when the anti-cheat or the game itself is loading - I don't even have app monitoring on. I've dabbled with quite a few of the settings and still can't get it working. I would like the peace of mind knowing safe kids is installed but at the moment it's unusable due to this fact (I can't even pause it - The program has to be totally un-installed) - I have tried a full re-install which doesn't help - I even did a fresh install of Windows 11 trying to cure the issues until I pinpointed it to Safe Kids. Can you offer any advice? I'd be happy to grab logs if that's possible.

I created a pdf file days ago by combining multiple images and compressing it using adobe acrobat PC ver. It looked fine at the time. Now when I open it, it's a completely different file. It has the content of another pdf file on my pc but has the size of the original one, and yet worse, it has a creepy cyphered message? It freaked the sh*t out of me. I scanned the file using Kaspersky, but the results were negative: "no threats". I ran a quick scan, also turned out negative. I'm currently running the full scan. Could there be a virus on my PC that Kaspersky isn't able to detect? What do I do?

Apologize once again but this report should not be clarified as closed since this abnormal symptom with report window not registering rootkit or quick/complete scans still happening even with Kaspersky Standard 21.18.5.438(a). I can't record properly this bug because there are moments the scan will be registered and displayed and sometimes not. Ever since Kaspersky Standard 21.17.7.539 which I have firstly see happening on May untill September with actual version KS 21.18.5.438(a) this unknown behavior have been going and the company should be aware of it. Whenever I execute these scans if I don't keep report window opened, there is a chance the task is not being saved and registered with full detail on report window so with my last studies about this bug. Having opened and minimzed report window whenever scans are about to finish. The task will display as they are ongoing but at the end when is over. The scan is saved, being registered and display but if I close report window or click to update there is a %60 of chance that task will not be registered or displayed on report window. I'm annoyed to know that I have been facing this bug for a while and I would like revive the situation regarding this unknown bug which started at May 9th accordingly to my first post.

Well I'm going wait till the company update the version and solve as they should because It have been recently I've installed KS onto my PC and I really not in the mood to uninstall or repair while protection gets disabled meanwhile I try to fix this functionality. There alternative method which I never used before is 'Selective/Selected scan' and if I want to verify a single file. All that I need is to copy the destination path and add '\xxx' at the end of destination. So I'm hanging on using this method to run quick scans onto singular files and not a subfolder. I'm going keep waiting till company fix this.

Hello, Im having a problem with a website, where i get an rerror code when trying to go to check out. Here is the rerror code: HEUR:Trojan-PSW.Script.Generic. I also get this message: Prevented the download of a malicious file or other object designed to infect your computer with malware that will slow it down, destroy your system, or cause other problems. We protected you from downloading this object. You can safely close this window. The problem is that i have never had an issue with website before. here is link to the page https://www.hijabhus.com/quick-order. Could this maybe be a false flag?

It appears that all Kaspersky extensions ✅ can in fact be installed without searching for them through the Chrome/Edge/Firefox extension stores! I was only aware of this now and I will explain it below since it wasn't very clear even to me who I've been using Kaspersky products for many years. To install Kaspersky Protection extension: Open your Kaspersky for Windows app, search for "extension" in the search box, and there you will find all the extension-related info. I already had all the extensions installed, so I made a quick test by deleting KP extension for Firefox, but it was still stuck to "On" even when I restarted Kaspersky Plus & Firefox. However, once I restarted both apps I got a Windows pop up from Kaspersky Plus asking to install the extension for Firefox. If you weren't successful with installing the extension this way, just install it through the link here (link is alive when writing this post): https://chromewebstore.google.com/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm For more info: https://support.kaspersky.com/common/start/12782#block4 To install Kaspersky Password Manager extension: Open your KPM for Windows > Settings > Browsers, then just click on install from there. I tested it on Firefox by deleting my extension then re-installing it through here. It started downloading the extension by itself and I was able to install it like usual. Hopefully things will continue working nicely like this for all of us who are not living in USA! I can't verify if this will work for US-residents, so maybe someone try this and let us know? Thanks to everyone who tried to help. This thread is now solved.

I woke up Thursday morning to find UltraAV on my PC and didn't know what it was or where it came from. A quick search of the name and I was able to figure out what happened from all the irate people that were in my same situation. To say I am beyond disappointed in Kaspersky is an understatement. I swore by your product for almost a decade and was pretty pissed off when I found out about the US forcing you out of the market. That said, this little stunt with UAV destroyed any sympathy or good will I had for you guys. My PC crashed 8 times in two days and locked-up or failed to reboot countless times. Attempts to roll back to restore points failed, attempts to restore a backup image failed. I lost 1/2 a day from work screwing with the PC until finally I was able to boot it into safe mode and remove that abomination of an AV utility. I now get to lose my Saturday tomorrow doing the same on my kids and wife's PCs. I cannot stress in any more plain English than this move royally pissed me off. Please fire any bone-headed executives or managers s that approved or followed orders to execute such a stupid action without so much as a popup asking people if they were OK with installing a third party's utility.

Thanks for the quick explanation but i did same steps like you. Downloaded to my Windows computer (Windows 10 - i don't think it's relevant with 10 or 11) and not detected. And then i copied that from Downloads to Desktop and still not detected. Not deleted. I wish i would record a video about this but i only took screenshot. By the way console_zero.exe needs some libraries like in that error. Malware is downloading some libraries and executing itself. If you want re-procedure the attack simulation i can help you. Also we prepared a report an analysis report about this malware type. Anyway, let's wait the final verdict and see how it's going. But as i said before i copied the malware and it didn't detect. My KP version is 21.18.5.438(a)

This is more of a rant than a question. I manage Kaspersky since 2012 in my office. Everything was managed by KSC for windows for years and worked fine. Last year, September 2023 I was glad to see the availability of KSC 14.2 for Linux so i decided to make this step and migrate everything on Linux, saving a windows license. Transition was easy and I spent the first week trying to learn how to use the atrocious web console. I was extremely happy when a user on this forum suggest me how to connect windows MMC to Linux KSC and this was my setup for 11 months. Last month, august 2024 I start receiving messages on web console (yeah, sometimes I used it) saying certificate was about to expire. I've searched online for solution and found that was necessary to re-launch the exe on windows, zero Linux instruction on how to solve this. In my mind equation was easy: I will update Linux KSC 14.2 to 15.1 (which was released many months before and I considered mature enough) and the new version will fix the certificate problem. So I did it, update was fast and smooth but here comes the problems. 1- web console was a DISASTER, way worse than the already terrible 14.2, I had errors every page or device I open, console keeps hanging or closing. After hours of reboot and a couple of database fixup and maintenance task it was much better (still far from "OK"). Why the upgrade procedure didn't execute a database fix up by itself as part of the upgrade saving hours of problems?? 2- certificate problem WASN'T fixed. I had the banner at the top of page for some days but I had no time to dive into it, now I can't login anymore and I have no idea how to solve this (check attachment). Easy: I can read the guide, I remember the Kaspersky support page usually are complete and helpful... Bullshit. There are zero support page for linux KSC 15.1 and almost zero linux KSC support page in general, just a few on how to update, how to install. OK and how to solve problem X and Y..? Kaspersky had 12 months to update the articles. This simply means they don't care about their customer. 3- Linux KSC is still missing a ton of functionality compared to windows, many limitations. And now I discovered that windows console MMC, one year after release is still not available and who knows if it ever will be, in future. Source Now: I can't login from browser and there are zero articles online on how to solve this (any help here on forum is appreciated), I can't login from MMC because it simply doesn't work anymore on version 15.1. Antivirus in my office are totally out of control, I can't do anything at the moment. This is a shame and I'm extremely upset.