Search the Community

Hallo, wollete das neues Windows 11 Update 24H2 installieren, es bricht aber wegen Kaspersky ab. Man soll sich die neueste Version installieren. Ich habe Total Security 21.3.10.391(m). Gibt es eine neuere ? Bei Kaspersky finde ich keine andere. Danke

Problem Afted updating KSC for version 15.1 we can see error Some of the trusted Kaspersky Security Center certificates expire soon. Run the installer in Modify mode.. Workaround Gather WEBconsole log (you can run collect.sh and check /tmp/collect/kaspersky/KSC-web-console/logs) Instruction Search latest log logs-KSC-web-console-server#ephemeral In this log search CertValidTo" {"level":"info","version":"15.1.523","tags":["OS Hostname: ksc"],"message":"[TRACE] *** Response for command CertUtils.GetCertificateAttributes with requestId \"-c0_E6dgBF\" finished with: ***","timestamp":"2024-12-09T06:47:10.350Z","component":"KSC-Web-Console-server","data":{"PxgRetVal":[{"type":"params","value":{"CertExtensions":":\n ----cutdata---- "CertSerial":"5095780E8D87F26489813A0621A6586174545D04","CertSha1Thumbprint":"6660E54552BE0A05A811B82A213ADC02FD252378", "CertValidTo":"Jan 7 10:34:17 2025 GMT","CertValidToTime":{"type":"datetime","value":"2025-01-07T10:34:17Z"},"CertVersion":3}}]},"extendedData":[{"connection":{"uid":"DkQUL3KKvr","clientUid":"sA5n2fHrk"}}]} Find all certificates that expire less than 1 month Copy all certs serials "CertSerial":"5095780E8D87F26489813A0621A6586174545D04" Get certificates in next catalogues in webconsole catalogue ls *.crt server/plugins/*.crt -l Next, use the openssl x509 -in cert.crt -serial -noout command to get the serial number. Instead of cert.crt, substitute the path to the certificate obtained by the above command. Then check what cert is expired if expired cert is KLRootCA.crt, nsq-server.crt, server/plugins/plugin.crt, signal-server.crt, utilility.crt, web-server.crt You need to reinstall the web console to generate new certificates RCA The root cause is that the console looks at all the certificates in the catalogue, some are no longer in use.

Für mich ergibt sich daraus ein Bild (ohne Anspruch auf Richtigkeit): Vermutlich wurde bei Dir Patch "C" vor ca. zwei Wochen heruntergeladen, konnte aber wegen evtl. fehlender Internetverbindung noch nicht vollständig installiert werden. Dafür spricht auch das langsame Updateverhalten. Als der Patch dann installiert war, waren einige von ihm verwendete Daten veraltet, Mit dem nächsten Update konnten sie aktualisiert werden. Also alles im Rahmen. Die Mail vom Forum wird wahrscheinlich durch Deine beim Wiederherstellen der Internetverbindung vom Provider vergebene neue IP ausgelöst. Du kannst die Emailbenachrichtigung in Deinem Foren-Profil auch abstellen.

Kaspersky version 21.22.7.466(a) windows 11 pro Probably a paranoid question, but last Friday Kaspersky suddenly showed an upgrade popup saying 'added support for Opera/improved phishing protection' and a few other things, and after I closed the popup, Microsoft immediately notified me that you need to update your antivirus or turn Windows Defender back on; simultaneously, Kaspersky showed a warning that the database is extremely out of date. So I update the antivirus, and now everything seems to be working fine. My question is, is this how Kaspersky software upgrades work? I'm assuming it was a software upgrade because I installed Kaspersky version 21.21, and now it's 21.22. So it's either a Kaspersky upgrade or a zero-day malware hitting me for no reason lol😅. Here are a few screenshots from my Kaspersky version so the experts here can take a look. Any advice would be appreciated.

Hello everyone. For a few days now I've been experiencing a really annoying problem... but one that I haven't been able to resolve in any way. I have a Dell notebook which until a few days ago was equipped with Windows 10 pro... and my Kaspersky Standard 2025 antivirus. Given the imminent end of Microsoft's support for Windows 10, I proceeded to update the notebook to Windows 11 Pro... a procedure which was perfectly successful. The PC works perfectly with any program... except with the Kaspersky antivirus. To be more precise, the antivirus works well and does its job... but when I start a full scan... it blocks my PC... so much so that all that remains is to reboot. Browsing a bit on the internet I found a user who attributed a problem similar to mine when the full scan was performed with the Iswift and Ichecker scanning technologies active (accessible in the advanced settings). Obviously I tried to disable them both and also one at a time... but there's nothing I can do. Karpersky starts scanning but doesn't even reach 1% before the notebook crashes (see attached image). I also tried to overinstall the most recent standard Kaspersky antivirus on my version... i.e. 21.23.6.614 but the problem continues. I ran various tests...including the scannow...without getting anywhere.. This is why I thought I'd report my problem here, hoping that some of you (who may have had the same problem) can help me in some way. I thank in advance anyone who wants to intervene. A good evening. Alex

Hallo @asbachuralt, kannst Du bitte mal prüfen, welche Version bei Dir aktuell läuft? Sie wird Dir angezeigt, wenn Du im Hauptfenster unten links auf das Headset-Symbol klickst. Ist es die 21.22.XXX oder schon die 21.23.XXX? Mein Verdacht ist, dass Du bereits die MR23 erhalten hast. Da ist nach der (automatischen) Installation ein Update notwendig, das erst 15 Minuten nach der Installation automatisch erfolgt.

Hello @Tangerine14, Also, we don't know where (you) found the three installers, however, this guide: Kaspersky: Basic, Standard, Plus, Premium - info & FAQ, by Danila. T. (Kaspersky), is a reliable & up-to-date resource to update (your) Kaspersky Premium by selecting link, as shown in the image: Thank you🙏 Flood🐳+🐋

yes i understand it now a deeper analyis of the cause of issue is required to understand the root problem triggering this BSOD to occur. i have the kaspersky internet security AV on my old family laptop which runs windows 10 without any dedicated GPU and therefore i assume this is not affecting it but since most devices run windows 11 along with dedicated NVIDIA GPUs , this driver conflict might be a problem faced by multiple kaspersky users due to the same core security components being used for both paid and free users , which i wanted to bring it to notice for kaspersky team to go through it and analyse and fix this bug affecting its customers.🙂 and yes regarding to the updates installed , i have not enabled windows insider program or opted into latest updates as soon as they get rolled out. i have attached the recent updates installed which was after re-installing my windows 11 nearly a month ago to check if it would solve this issue As mentioned cumulative update preview is installed and not the preview version as seen in the screenshot provided

De automatische distributie van de nieuwe versies 21.23 NL Kaspersky Standard - Plus - Premium is begonnen, de uitrol van de update gebeurt geleidelijk.

Ciao @Alebit , il problema che descrivi è molto probabilmente causato da un conflitto o da un'incompatibilità emersa in seguito all'aggiornamento a Windows 11 Hai provato a disinstallare kaspersky e a reinstallarlo? ricorda che devi sempre usare l'ultima versione disponibile dell'applicazione. https://www.kaspersky.it/downloads#update-product Se hai già provato senza successo allora conviene usare il Kavremover ma per sicurezza contatta l'assistenza tecnica kaspersky anche via chat Orari: Lun - Ven, 09:00 - 17:00. Saluti

Welcome to Kaspersky Community. Please provide version of K. product version installed. I guess You have Your W10 fully update via Windows Update, checking also Optional. Hibernate or Suspend the system?

Hallo, ich kenne das Problem. Meist liegt es daran, dass das Gerät länger offline war. Andere Gründe könnten sein, dass die Kaspersky App einen Update benötigt. Da sie bei Android-Geräten nicht mehr im Play-Store zu finden ist, muss dies meist über einen andern installierten Store passieren, und manuell angestossen werden. Eine weiter Möglichkeit ist meist, dass man den neuen Lizenz Bedingungen in der Kaspersky App noch nicht zugestimmt hat. Falls ein PW-Manager installiert ist, gilt das auch für diese App mit den Zustimmungen.

https://forum.kaspersky.com/topic/kaspersky-update-utility-40-25435/

@Flood and Flood's wife@Berny thank you so much app updater can auto update 7zip and winrar on my pc completed but anydesk only can't update by kaspersky app updater i know when i download manual update from anydesk official website and install again can fix problem but want send report to kaspersky case anydesk only can't update by kaspersky app updater. when click try again button problem not reslove

I tried to find Sp2 update patch , but couldn't find any download link for offline update , that's why I had to go for older version of KSWS. when I tried to install ksws_server11.0.1.897 , I got below error.

Hello, I’ve been facing a persistent issue with Kaspersky VPN Secure Connection on Windows 11. Whenever I enable Split Tunneling (for example, activating VPN only for Discord), some online games such as Battlefield and other titles freeze or get stuck at the loading screen after clicking “Ready”. Here are the details: Windows version: Windows 11 (latest updates installed) VPN: Kaspersky VPN Secure Connection (latest version) ISP: Turkcell / Superonline (Turkey) I tested the same configuration with another VPN that supports Split Tunneling — and everything worked perfectly fine. This problem seems to appear only when Kaspersky VPN is running. I have already: Tried disabling all Kaspersky protection features temporarily. Reinstalled the VPN. Reset network settings and cleared DNS. Tried different servers and protocols. This same problem happened to me a few months ago and it resolved itself automatically after an update, but now it’s back again. I am quite experienced with networking and system configuration, and I’ve verified that the issue is not related to Windows Firewall, routing, or game servers. It’s definitely connected to the Kaspersky VPN Split Tunneling behavior. Please investigate this issue or let me know if any logs or diagnostic traces would help.

In KSWS/KESS/KICS there is an option in update task to Lower the load on the disk I/O. It is important to understand that when this option is enabled the task does not use HDD resources at all. Updater will not only place current updates to RAM. Update temp and cache files will also be placed there. Incorrect expectation: The task uses dedicated amount of RAM, in case if dedicated RAM is not enough for all update files including temp and cache task will continues through HDD. Actual product behavior : The task uses dedicated amount of RAM, in case if dedicated RAM is not enough for all update files including temp and cache then task fails with the error: Failed to update. Reason: insufficient drive space.

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Problem: You have a new CPU in your managed device and Windows operating system released prior to Windows 10\Windows Server 2016. Start "Find vulnerabilities and required updates" for a managed devices. Task results and Kaspersky Event log on a workstation may indicate a following error: Windows Update Agent error 80240037 ("The functionality for the operation is not supported.") #1181 (-2145124297) COM error 0x80240037 (wcode: 0) '' Additionally, if you try to update workstation directly from Microsoft Update servers, you may see an error message in the Windows Update window that resembles the following: Windows could not search for new updates An error occurred while checking for new updates for your computer. Error(s) found: Code 80240037 Windows Update encountered an unknown error. Cause: This error occurs because new processor generations require the latest Windows version for support. Solution: Microsoft recommend that you upgrade Windows Server 2012 R2-based and Windows Server 2008 R2-based computers to Windows Server 2016, and Windows 8.1-based and Window 7-based computers to Windows 10, if those computers have a processor that is from any of the following generations: Intel seventh (7th)-generation "Intel Core" processor or a later generation AMD seventh (7th)-generation (“Bristol Ridge") processor or a later generation Qualcomm “8996" processor or a later generation More information on this topic can be found in the following Microsoft article: https://support.microsoft.com/en-us/help/4012982/the-processor-is-not-supported-together-with-the-windows-version-that

In KSWS/KESS/KICS there is an option in update task to Lower the load on the disk I/O. It is important to understand that when this option is enabled the task does not use HDD resources at all. Updater will not only place current updates to RAM. Update temp and cache files will also be placed there. Incorrect expectation: The task uses dedicated amount of RAM, in case if dedicated RAM is not enough for all update files including temp and cache task will continues through HDD. Actual product behavior : The task uses dedicated amount of RAM, in case if dedicated RAM is not enough for all update files including temp and cache then task fails with the error: Failed to update. Reason: insufficient drive space.

Kaspersky's history and dedication to customers! "Kaspersky began with a simple mission to protect people and businesses from cyberthreats and build a safer world. Our founder, Eugene Kaspersky, believes 'everyone has the right to be free of cybersecurity fears'! And it is this belief that underpins our efforts as a company. Kaspersky products are always at the forefront of technology, delivering state-of-the-art protection for our users". "Kaspersky's customer service is also highly regarded. We offer the option of 24/7 remote IT support with our consumer products, which can include services like remote installation, virus check and removal, and PC health checks. Having this priority access to support, gives our customers greater peace of mind, because they know we're always there to help". • So how on earth sadistic saboteur inflicted ordeal with impunity since Oct 2024, to the detriment of my Latitude E5540 (Win 7 Pro) reliability, besides the torment inflicted on me. Whilst the incessant internet interruptions cropped-up at will of the imbedded saboteur, virtually breathing down-my-neck. Compounded by the relentless email log-in impediments via sadistic verifications ploy. Compelling repeatedly to identify a lot of vague features within the obscure images charade. Conditional to access email accounts, under Kaspersky's protection! Outrageously exploited as a double-edged sword, whatever it takes to torment the targeted user. Once the technical assistance was sought by me, I became flabbergasted by the perfidious modus-operandi of the cunning customer service representatives! Deceitful to the detriment of the railroaded Kasperski's adherents, such as myself. Have a go to find out all-about-it, due to the encountered tribulations by me. Transcribed below for your perusal: ######################################################### From: (Leo24) Sent: Sat 3 May 2025 11:11 AM To: Kaspersky Technical Support <*****@*****.tld> Subject: Malicious internet dropouts Malicious internet dropouts! Targeted internet dropouts since Oct 2024 compelled me to seek your assistance, as the moderator's technique by Wesly Zhang proved to be fruitless. Please refer to ... https://forum.kaspersky.com/topic/kernel32dll-51818/?page=2 Per example, event depicted on the system log: Warning 08-Nov-24 15:26:24 Event 27, e1dexpress Intel(R) Ethernet Connection I218-LM Network link is disconnected. Thanks in advance! Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support <*****@*****.tld> Sent: Sat 3 May 2025 11:12 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Thank you for contacting Kaspersky Technical Support. The following request was registered: ID INC000017508101. We will do our best to respond to your request as soon as possible. To add new information to your request or ask additional questions, you can simply reply to this e-mail - leaving the subject line unchanged. This email was generated automatically. Best regards, Kaspersky Technical Support ######################################################### From: Kaspersky Lab Support Sent: Sun, 4 May 2025 8:54 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello Leo24, Thank you for contacting Kaspersky Support. To better understand the issue, please provide us with the following information as part of troubleshooting: 1. If there's any error message or a warning of any kind showing the issue, please take a screenshot of it or a short video recording and send it to us so we can better understand and identify the issue at hand. 2. Please create and share a GetSystemInfo report. To create this report, simply follow the step-by-step guidelines here: http://support.kaspersky.com/general/dumps/3632#block7 Note that the *.zip archive containing the report is saved on the desktop by default. 3. Please provide a detailed, step-by-step process for issuing recreates. Have a great day! Chor | Customer Service Representative ######################################################### From: (Leo24) Sent: Thu 8 May 2025 5:51 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Chor wrote: "Please create and share a GetSystemInfo report". • Actually, one of your moderators, Wesly Zhang got already this report, mentioned at the ... https://forum.kaspersky.com/topic/kernel32dll-51818/#comments Nov 15, 2024 GSI version: 6.2.2.58 File size: 1 Total physical memory: 8291.60 Mb Report: GSI6 uploaded 2024-11-15 03:06:27 Containing warnings such as: Warning 08-Nov-24 15:26:24 Event 27, e1dexpress Intel(R) Ethernet Connection I218-LM Network link is disconnected. • Although solution was sought at first for the kernel32.dll dilemma, the malicious internet dropouts persisted all along. I've followed Wesly Zhang recommendations to no avail, while the targeted internet dropouts occurred at will. Performed by some kind of a remote-control saboteur. Disenchanted Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Fri, 9 May 2025 2:14 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Dear Leo24, Thank you for getting back to us. We believe this could be a network degradation issue, not anything caused by anything malicious. 1. If you have run a full scan and had Kaspersky installed on the device since Oct 2024, it is doubtful that this is caused by anything malicious. 2. Internet dropping out can be caused by other factors, such as Wi-Fi Signal Issues, Router and Modem Problems, Internet Service Provider (ISP) Issues & also Device-Specific Problems. Do you experience the same behaviour on other Wi-Fi connections? Have you contacted your Internet Service Provider (ISP) since this issue began? Is this issue specific to your device, or does it happen on other devices too? Please keep us posted. Ali || Customer Service Representative ######################################################### From: (Leo24) Sent: Tue 13 May 2025 6:02 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Ali wrote: "Is this issue specific to your device, or does it happen on other devices too"? • Actually, my Latitude E5540 (Win 7 Pro) has been solely affected by the malicious internet interruptions (unlike my friend's eMachines E727 [Win 7 Home Premium], which never endured internet interruption). A momentary internet interruptions initially occurred as I was about to determine data usage by clicking on the "Wireless Network Connection Status" of my Latitude E5540 (Win 7 Pro). Though before I could ascertain the amount of the evolved (in/out) figures, they reverted to zero. Due to the untouchable saboteur internet interruption. Subsequently, 10 minutes approx after the start of my internet sessions interruptions occurred for some time, then persisted variously. Hiatus emerged toward the end of 2024, followed by the exacerbated internet interruptions since the beginning of this year (2025). In a row of 3, 4, 5, during sporadic internet sessions. Thus in addition to the relentless Yahoo email log-in impediments via sadistic verifications ploy, the accompanied internet interruptions compounded torment moreover. Whereas to alleviate the frustration in these circumstances, a timely popup on the screen to alert the impacted. Any tips regarding? Disenchanted Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Wed 14 May 2025 1:21 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Thank you for your reply. In order to keep track of the changes performed on your system, we ask you to provide us a new Getsysteminfo report, using the same instructions we sent you previously. If there's any error message or a warning of any kind, please take a screenshot of it and send it to us so we could better understand and identify the issue at hand. In case you need help with that, here's a handy guide about taking screenshots: http://support.kaspersky.com/us/492?cid=pe Thank you and have a nice day! Fawwaz || Customer Service Representative ######################################################### From: (Leo24) Sent: Mon 19 May 2025 4:58 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Fawwaz wrote: "In order to keep track of the changes performed on your system, we ask you to provide us a new Getsysteminfo report, using the same instructions we sent you previously". Earlier Chor wrote: "Please create and share a GetSystemInfo report. To create this report, simply follow the step-by-step guidelines here"... http://support.kaspersky.com/general/dumps/3632#block7 • Having created ... GSI6_USERPC_Owner_05_16_2025_18_21_00.zip ... as instructed, I am seeking advice about the prescribed mode of transfer. Thank you for your assistance! Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Tue 20 May 2025 2:36 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello, Thank you for the reply. Sorry to hear that you are facing this issue. You can simply attach the "GSI6_USERPC_Owner_05_16_2025_18_21_00.zip" file to your reply to this email. Alternatively, if the file size is too large for email or you prefer, you can upload it to our secure internal storage using the following link: https://box.kaspersky.com/u/d/xxx Could you also confirm if the issue continues after pausing or exiting your Kaspersky application? Please reply with the result so we can investigate further. In addition, if any visual information is available, please take a photo or a screenshot and share it with us. You can find a guide on how to take a screenshot here: http://support.kaspersky.com/general/various/492 We appreciate your cooperation and look forward to assisting you further. Have a great day! Rinitha || Customer Service Representative ######################################################### From: (Leo24) Sent: Wed 21 May 2025 5:25 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts • Hi Rinitha, please be informed that I didn't notice any rogue manifestations on the screen. Unfortunately, network connection status indicator at the notifications bar at the bottom, isn't supplemented by the "internet down" popup on the screen! Any tips regarding? So in addition to the ruthless email log-in impediment via treacherous verifications ploy, the accompanied internet interruptions compounded torment moreover. With the case in point, the interruptions manifested at least four times on Monday 19-05-25 between 16:18 - 17:48. • Please proceed to examine ... GSI6_USERPC_Owner_05_21_2025_10_05_56.zip ... uploaded as recommended at ... https://box.kaspersky.com/u/d/xxx Upload files to INC000017508101 shared by: File size should be smaller than 10.2 GB. Drag and drop files or folders here. No file chosen All files uploaded 1/1 Files name size progress state GSI6_USERPC_Owner_05_21_2025_10_05_56.zip 11.1 M Uploaded Thank you for your assistance! Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Thu 22 May 2025 11:50 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hi Leo24, Thank you for your email. The system information report shows there are no malicious items. You may consider having the networking equipment and/or the networking component on the computer checked by the manufacturer support. Please feel free to let us know should you have further queries. Thank you for contacting Kaspersky Support and have a great day! Regards, Ray || Customer Service Representative ######################################################### https://www.microsoft.com/en-us/microsoft-365/outlook/email-and-calendar-software-microsoft-outlook?deeplink=%2fowa%2f&sdf=0 Microsoft Homepage Thank you for your patience We are currently experiencing high demand. Please wait and try again later. ID: 18.6cbb07ca.1747896832.105daee4 ------------------------------------------------------------------------------------------------------ • Attention is drawn to the above depicted deception! Manifested within the upper half of my Latitude E5540 screen. Emanated apparently, during futile log-in attempts into my hotmail account via Google Chrome on 22-05-25, during 14:40 - 16:34 period. MS Edge and Mozilla Firefox were not affected by the sadistic sabotage. A couple of days later I could log-in again into my hotmail accounts via Google Chrome. ######################################################### From: Kaspersky Lab Support Sent: Tue, 27 May 2025 12:11 PM To: You (Leo24) Subject: Malicious internet dropouts Dear Customer, We have not heard back from you. If the issue remains unresolved, please reply to this email. Here's a copy of the message we've sent you previously. Below you may find our previous message sent a few days ago, in case you have accidentally deleted our email: ----------------------------------------------------------------------------------------------------- Please let us know if you need any further assistance. If we do not receive any response to this request within 10 days, your request will be closed. Best regards, Kaspersky Technical Support ######################################################### From: (Leo24) Sent: Tue 27 May 2025 at 2:47 PM To: Data Protection Officer <*****@*****.tld> Subject: Saboteur inflicted ordeal with impunity Saboteur inflicted ordeal with impunity Hi, I've been Kaspersky's adherent since Nov 2019. Initially as a free antivirus user - to the advantage of my Latitude E5540 (Win 7 Pro). Only occasionally accessing internet, nevertheless having subscribed to Kaspersky's Standard plan, since Oct 2024. Totally relying on the safety, reliability and integrity of Kaspersky's operations and products. Naturally, as a company that protects over a billion devices worldwide, it's important to address customers' concerns head-on! To start with the solution sought for the kernel32.dll dilemma, which faded away. Whilst the malicious internet interruptions persisted all along, since Oct 2024. Reluctantly, I've followed one of your moderators, Wesly Zhang recommendations, to no avail. Whilst the deliberate internet interruptions cropped up at will of the imbedded saboteur, virtually breathing down my neck. A brief hiatus in internet interruptions toward the end of 2024, gave way to the repetitive internet interruptions a few minutes apart, since the beginning of 2025 (during occasional internet sessions). Just as relentless Yahoo email log-in impediments were ratchet-up via sadistic verifications charade. Synchronised in a unison with the accompanied internet interruptions. Culminating in a futile log-in exertion on 22-05-25, due to the abrogated access to the hotmail accounts this time around. Whilst the bogus "Microsoft Homepage" announced: "Thank you for your patience. We are currently experiencing high demand. Please wait and try again later". In reflection on the boredom afflicted, the highly paid IT staff, indulging apparently in the sadistic extravaganza. When I anticipated factual, decisive results! Courtesy of the technical assistance by Kaspersky Lab Support. Please proceed to examine modus operandi of the customer service! Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments 27-05-25 ######################################################### From: (Leo24) Sent: Sat 31 May 2025 4:21 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Ray wrote: "We have not heard back from you. If the issue remains unresolved, please reply to this email". • Attention customer service representatives! Chor, Ali, Fawwaz, Rinitha, Ray - please be informed: I've been Kaspersky's adherent since Nov 2019. Initially as a free antivirus user - to the advantage of my Latitude E5540 (Win 7 Pro). Only occasionally accessing the internet, nevertheless having subscribed to Kaspersky's Standard plan, since Oct 2024. Totally relying on the safety, reliability and integrity of Kaspersky's operations and products. Naturally as a company that protects over a billion devices worldwide, it's important to address customers' concerns head-on! To start with the solution sought for the kernel32.dll dilemma, which faded away. Whilst the malicious internet interruptions persisted all along, since Oct 2024. Reluctantly, I've followed one of your moderators, Wesly Zhang recommendations, to no avail. Whilst the deliberate internet interruptions cropped up at will of the embedded saboteur, virtually breathing down my neck. A brief hiatus in internet interruptions toward the end of 2024, gave way to the repetitive internet interruptions a few minutes apart, since the beginning of 2025 (during occasional internet sessions). Just as relentless Yahoo email log-in impediments were ratchet-up via sadistic verifications charade. Synchronised in unison with the accompanying internet interruptions. Culminating in a futile log-in exertion on 22-05-25, due to the abrogated access to the hotmail accounts this time around. Whilst the bogus "Microsoft Homepage" announced (after 2pm): ------------------------------------------------------------------------------------------------------- https://www.microsoft.com/en-us/microsoft-365/outlook/email-and-calendar-software-microsoft-outlook?deeplink=%2fowa%2f&sdf=0 Microsoft Homepage Thank you for your patience We are currently experiencing high demand. Please wait and try again later. ID: 18.6cbb07ca.1747896832.105daee4 ------------------------------------------------------------------------------------------------------- Amazingly, avowal earlier in the day of 22-05-25 at 11:50 insisted: "The system information report shows there are no malicious items"! Compelling complaint escalation to the attention Data Protection Officer on 27-05-25 at 14:47. Still, internet interruptions persisted on the following day at 11:54, 11:58, 11:59, 12:00, 12:01, 12:02, 12:04. During internet session between 11:32 - 13:11 on 28-05-25. Then finally halleluiah, no log-in disruptions on 29-05-25, 30-05-25, 31-05-25 - followed by the peaceful internet sessions. Hopefully, as a precursor to the secure internet surfing, once my Latitude E5540 (Win 7 Pro), being thoroughly sanitised. Cautiously optimistic Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Sun 1 Jun 2025 4:03 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello Leo24, Thank you for your response. The email that you received, "We have not heard back from you. If the issue remains unresolved, please reply to this email", was an auto-generated follow-up email. We apologize for any inconvenience caused and acknowledge your remarks on this. Customer satisfaction being our priority, you may be assured that Kaspersky will always be dedicated to improving the quality of products and services offered to all our customers. Now that your internet issues are clear, would you like us to close this ticket? We're happy to keep it open if you anticipate any additional questions. If you have any further questions, please do not hesitate to contact us. Have a great day! Eric || Customer Support Representative ######################################################### From: (Leo24) Sent: Tue 3 Jun 2025 4:36 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Eric wrote: "Now that your internet issues are clear, would you like us to close this ticket"? • As a matter of fact, saboteur inflicted ordeal with impunity since the Oct 2024, abated. Courtesy of the Data Protection Officer intervention! Solely a single internet interruption occurred at 12:42 on 02-06-25, between 8:31 - 13:09 (momentarily as before). So it will take some time to ascertain the cessation of the torment. Cautiously optimistic Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Wed 4 Jun 2025 4:49 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello, Thank you for the reply. We appreciate you updating us on the issue. We're glad to hear that the internet interruptions have significantly decreased and that you're now experiencing more stable internet sessions. We understand your concern to continue monitoring the situation to ensure the issue has fully resolved. Please let us know if the interruptions recur or if you have any additional questions. Just wanted to let you know that your case status will be set to pending until we receive your update or if you need any further assistance. If we do not receive any response from you within 7 days, an automated email will be sent. If there's still no response by the 15th day, the case will be closed. Thank you and have a great day! Best regards, Rinitha || Customer Service Representative ######################################################### From: (Leo24) Sent: Fri 6 Jun 2025 4:34 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Rinitha wrote: "We're glad to hear that the internet interruptions have significantly decreased and that you're now experiencing more stable internet sessions". • Saboteur interrupted internet, exacerbated on 03-06-25 in the evening, during 19:24 - 21:18 period. MS Edge alerts didn't popup any longer, sabotaged likely. So precise timings of the momentarily tripped internet, couldn't be ascertained. Meanwhile, Google Chrome became inaccessible! Solely a message at the upper left corner of the blank page claimed: "Our systems have detected unusual traffic from your computer network. This page checks to see if it's really you sending the requests, and not a robot". Thus compelling to identify some features on several images within the verifications charade. Declined by me, as no impediments faced at the other browsers. At the end of my internet session, just as I was about to determine data usage by clicking on the "Wireless Network Connection Status" of my Latitude E5540 (Win 7 Pro), I couldn't ascertain the amount of the evolved (in/out) figures, as they reverted to zero. Due to the sadistic saboteur internet interruption at 21:18 on 03-06-25. Worse faired internet session on 05-06-25, during 11:31 - 16:36 period. So we're back to square one, all over again! Clearly, I was taken for a ride on the wild goose chase! No serious attempt was made to resolve the issue. Care to explain, how could a saboteur inflict the ordeal with impunity since Oct 2024? To the detriment of my Latitude E5540 (Win 7 Pro) reliability, besides the torment endured by me. Whilst the targeted internet interruptions cropped-up at will of the imbedded saboteur, virtually breathing down-my-neck. Warranting resolute action to be taken! Mind you, it's a litmus test. Kaspersky's brand is at stake! In reflection on the questionable modus operandi by the IT support. Kaspersky's history and dedication to customers: "Kaspersky began with a simple mission to protect people and businesses from cyberthreats and build a safer world. Our founder, Eugene Kaspersky, believes 'everyone has the right to be free of cybersecurity fears'! And it is this belief that underpins our efforts as a company". Disenchanted Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Sat 7 Jun 2025 1:39 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello Leo24, Thank you for your email. Before we can propose solution or a workaround to the issue you are experiencing, we would need your assistance to share some additional data for further analysis. 1. Open the main Kaspersky application window. 2. Click Customer Service icon in the lower right part of the window. This opens the Customer Service window. 3. Click the Problem recording link to open the Problem recording window. 4. Select the error category: Other. 5. Make sure that Record the screen is checked. If the Record the Screen option is not cheked, clicking the Start recording button only creates a trace file. 6. Click Start recording. The recording indicator is displayed in the upper part of the screen. 7. Reboot the computer. 8. Wait for the "Recording" indicator to appear on the top of your screen and proceed to reproduce the issue. 9. Click on Stop and Save. Recording is stopped and saved in an archive on Desktop. 10. Click Go to archive. This opens an Explorer window at the location of the ZIP archive. The archive contains a screen recording (if it was performed) and traces. 11. Copy the Traces File (SupportTraces-Kaspersky -21.XX....zip) from the Desktop to the Documents folder or any other folder of your choice. 12. Please send the Traces archive to us. Thank you and have a great day. Kind regards, Darwin | Customer Support Representative ######################################################### From: (Leo24) Sent: Wed 11 Jun 2025 1:18 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Darwin wrote: "Copy the Traces File (SupportTraces-Kaspersky -21.XX....zip) from the Desktop to the Documents folder or any other folder of your choice. Please send the Traces archive to us". • Having created ... SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11.zip ... as instructed. Upload failed to KL box ..".Network error"... So, having attempted to attach it herewith. Only to face: "You don't have permission to open this file". Hence I am seeking advice regarding prescribed mode of transfer. Disenchanted Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Thu, 12 Jun 2025 11:45 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Thank you for your reply. You can try to upload them to any freeware file-hosting (DropBox / Filedropper / Google Drive for example) service and send us the download link. If there's any error message or a warning of any kind, please take a screenshot of it and send it to us so we could better understand and identify the issue at hand. In case you need help with that, here's a handy guide about taking screenshots: http://support.kaspersky.com/us/492?cid=pe Thank you and have a nice day! Fawwaz || Customer Service Representative ######################################################### From: (Leo24) Sent: Thu 12 Jun 2025 2:32 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Fawwaz wrote: "You can try to upload them to any freeware file-hosting (DropBox / Filedropper / Google Drive for example) service and send us the download link". • Wait a minute, wouldn't it be a rather reckless to recommend for the customer to share such a private info ... SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11.zip ... (restricted to be open only by the Administrator) ... with the third parties willy-nilly? I don't think so. Therefore, there seems to be no other safe mode of transfer, than to upload it to the Kaspersky's secure internal storage. Terribly letdown Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Fri, 13 Jun 2025 3:03 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Greetings, We are sorry for any inconvenience caused. You can upload the data to trusted cloud storage like Google Drive, OneDrive, Dropbox and etc, since they are trusted. We shall check on the Kaspersky storage issue but we would need a screenshot of the error so we can check further. Best regards. Tines || Customer Service Representative ######################################################### From: (Leo24) Sent: Fri 13 Jun 2025 2:17 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Tines wrote: "We shall check on the Kaspersky storage issue but we would need a screenshot of the error so we can check further". • Please be informed that the requested ProductTraces folder was uploaded to the KLBox ... https://box.kaspersky.com/u/d/52ce937b4dec475ab82c ... with the professional assistance! Kaspersky Upload files to INC000017508101 shared by: File size should be smaller than 10.2 GB. Drag and drop files or folders here. No file chosen All files uploaded 1/1 Files name size progress state SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11 - Copy.zip 1.2 G Uploaded 13:40 13-Jun-25 ######################################################### From: Kaspersky Lab Support Sent: Fri 13 Jun 2025 9:49 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Dear Leo24, Thank you for providing the requested information. We've forwarded your inquiry to our experts and will contact you as soon as they respond. Thank you, and have a nice day! Ali || Customer Service Representative ######################################################### From: Kaspersky Lab Support Sent: Tue 17 Jun 2025 3:47 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello Leo24, Thank you for your patience throughout this time. Our experts have just replied to us and they're asking if you could help us in getting some additional information? Please clarify the issue. Is it: 1) PC slow performance? 2) Internet speed slower with Kaspersky? 3) Internet speed OK but sometimes internet drops for a while? In this case, how often? For how long? Does the issue related to Kaspersky? 4) Do you suspect your PC is infected? 5) In the provided traces, it shows 40+ minutes of you surfing the internet. What is system time on video when the issue appears? We look forward to hear from you. Thank you and best regards, Isha | Customer Service Representative ######################################################### From: (Leo24) Sent: Sat 21 Jun 2025 11:03 AM To: Kaspersky Lab Support Subject: Malicious internet dropouts Isha wrote on 17-06-25: "Our experts have just replied to us"... in response to the uploaded data for further analysis on 13-06-25 ... SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11 - Copy.zip • Yet the results were not revealed. Instead ..".they're asking if you could help us in getting some additional information"? 1) "PC slow performance"? • Facts speak for themselves as my Latitude E5540 (Intel Core i5-4310U at 2.60 gHz) uploaded 1.2 GB ProductTraces folder to the KL box in 10 minutes. Flawless transfer ended at 13:40 on 13-06-25. Within the internet session, which started before noon and finished at 14:22 (unmonitored on the day). 2) "Internet speed slower with Kaspersky"? • Likely, please provide info - how to uncouple and verify. Currently signal quality: 5 bars. Speed: 72.2 Mbps. As per (Win 7 Pro) wireless network connection status display. 3) "Internet speed OK but sometimes internet drops for a while? In this case, how often? For how long? Does the issue related to Kaspersky"? • Actually, it's impossible to become aware of, without the dedicated device! Due to the momentarily triggered internet interruptions. Mostly occurring within the fraction of a second. Audible alert would help. Any tips? 4) "Do you suspect your PC is infected"? • Well, according to Ali's advice given on Fri, 9 May 2025: "If you have run a full scan and had Kaspersky installed on the device since Oct 2024, it is doubtful that this is caused by anything malicious". 5) "In the provided traces, it shows 40+ minutes of you surfing the internet. What is system time on video when the issue appears"? • To be precise, four hours recording of surfing the internet, derived during 9:27 - 13:33 period on 11-06-25. Depicted within the 1.2 GB ProductTraces folder. Reprehensibly, the four hours internet session was interrupted eleven times, at: 9:38, 9:41, 10:01, 10:04, 10:05, 10:07, 10:28, 10:29, 10:39, 11:24, 13:26. "We look forward to hear from you"! • Likewise, I am eager to hear from you! All about the facts derived from your lengthy investigation into reprehensible deeds - carried out to the detriment of my lappy's reliability - besides the torment inflicted on me. Whilst the malicious internet interruptions cropped-up at will of the imbedded saboteur, virtually breathing down-my-neck. Symbolising a significant indicator that my lappy's reliability was compromised. Terribly letdown Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Sun 22 Jun 2025 5:09 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello, We've forwarded your inquiry to our experts, we will get back to you as soon as we hear from them. Thank you and have a nice day! Best regards. Tines || Customer Service Representative ######################################################### From: Kaspersky Lab Support Sent: Wed, 25 Jun 2025 1:42 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, I appreciate the patience you have shown. I apologize for my late response. Our Escalation Team have just replied to us with the latest update. Put the following files into password password-protected zip archive and send to us >>> F:\mb-clean-3.1.0.1035.exe D:\setup.EXE C:\Users\Owner\Downloads\PC_Connect3.2.64.01131_release.exe C:\Windows\system32\Tasks\{3D22ECEA-BF69-4F06-ACAE-BC5C0FE5B693} C:\Windows\system32\Tasks\{9D39F01C-87E4-49F7-95F6-C1A9694CBE8C} C:\Windows\system32\Tasks\{FB37A077-D95A-425D-98D4-1A15A0F9BC1D} Please use a third party file archiver such as 7zip (free) or WinRAR (free trial) to create a password protected archive. Select all the files you want to add to the archive, then right-click on one of them, select the name of your file archiver from the menu that appears and then click on "Add to archive". In the options menu that appears, under "Encryption" or "Set Password", enter the password you want to use, and then confirm it. For more help with the usage of these file archiving programs, please consult their respective documentation/online support. Thank you for choosing Kaspersky and have a great day ahead. Tines || Customer Service Representative ######################################################### From: (Leo24) Sent: Mon 30 Jun 2025 10:06 AM To: Kaspersky Lab Support Subject: Malicious internet dropouts Attention customer service representatives! Due to the latest inexplicable demands emailed on 25-06-25, vital to recap the chain of events: Fawwaz announced on 14-05-25: "In order to keep track of the changes performed on your system, we ask you to provide us a new Getsysteminfo report, using the same instructions we sent you previously". Leo replied on 19-05-25: Having created ... GSI6_USERPC_Owner_05_16_2025_18_21_00.zip ... as instructed, I am seeking advice about the prescribed mode of transfer. Rinitha instructed on 20-05-25: You can ... upload it to our secure internal storage using the following link: https://box.kaspersky.com/u/d/52ce937b4dec475ab82c Leo replied on 21-05-25: Hi Rinitha, please proceed to examine ... GSI6_USERPC_Owner_05_21_2025_10_05_56.zip ... uploaded as recommended at ... https://box.kaspersky.com/u/d/52ce937b4dec475ab82c Leo notified on 21-05-25: Unfortunately, network connection status indicator at the notifications bar at the bottom, isn't supplemented by the "internet down" popup on the screen! So in addition to the ruthless email log-in impediment via treacherous verifications ploy, the accompanied internet interruptions compounded torment moreover. With the case in point, the interruptions manifested at least four times on 19-05-25 between 16:18 - 17:48. Ray declared on 22-05-25 at 11:50: "The system information report shows there are no malicious items". Leo appealed on 27-05-25 to Data Protection Officer, concerning: Saboteur inflicted ordeal with impunity. Leo appealed on 31-05-25 to the customer service representatives: Chor, Ali, Fawwaz, Rinitha, Ray ... email log-in impediments were ratchet-up via sadistic verifications charade. Synchronised in unison with the accompanying internet interruptions. Culminating in a futile log-in exertion on 22-05-25, due to the abrogated access to the hotmail accounts this time around. Whilst the bogus "Microsoft Homepage" announced: "We are currently experiencing high demand. Please wait and try again later". Amazingly, Ray's avowal earlier in the day insisted: "The system information report shows there are no malicious items"! Compelling complaint escalation to the attention Data Protection Officer on 27-05-25. Still, internet interruptions persisted on the following day, at: 11:54, 11:58, 11:59, 12:00, 12:01, 12:02, 12:04. During internet session on 28-05-25, between 11:32 - 13:11. Leo notified on 06-06-25: Saboteur interrupted internet, exacerbated on 03-06-25 in the evening, during 19:24 - 21:18. MS Edge alerts didn't popup any longer, sabotaged likely. So precise timings of the momentarily tripped internet, couldn't be ascertained. Meanwhile, Google Chrome became inaccessible. Though, no impediment faced at the other browsers. At the end of internet session, just as I was about to determine the data usage by clicking on the "Wireless Network Connection Status" of my lappy, I couldn't ascertain the amount, as it reverted to zero. Due to the sadistic saboteur internet interruption on 03-06-25 at 21:18. Worse faired my internet session next day, during 11:31 - 16:36 on 05-06-25. Darwin announced on 07-06-25 at 13:39: "Before we can propose solution or a workaround to the issue you are experiencing, we would need your assistance to share some additional data for further analysis". Leo replied on 11-06-25: Having created ... SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11.zip ... as instructed. Upload failed at the KL box ... Hence I am seeking advice regarding prescribed mode of transfer. Fawwaz instructed on 12-06-25 at 11:45: "You can try to upload them to any freeware file-hosting (DropBox / Filedropper / Google Drive for example) service and send us the download link". Leo replied on 12-06-25 at 14:32: Wait a minute, wouldn't it be a rather reckless to recommend for the customer to share such a private info with the third parties willy-nilly? I don't think so. Therefore, there seems to be no other safe mode of transfer, than to upload it to the Kaspersky's secure internal storage. Tines persevered on 13-06-25 at 03:03: "We shall check on the Kaspersky storage issue but we would need a screenshot of the error so we can check further" (in reality, the encrypted ProductTraces folder, required professional tweak, before the upload its 2.1 GB copy). Consequently, Leo confirmed on 13-06-25 at 14:17: Please be informed that the requested ProductTraces folder was uploaded flawlessly on 13-06-25 at 13:40 to the KLBox ... https://box.kaspersky.com/u/d/52ce937b4dec475ab82c ... with the professional assistance! Ali replied on 13-06-25 at 21:49: Thank you for providing the requested information. We've forwarded your inquiry to our experts and will contact you as soon as they respond. Isha persevered on 17-06-25: "Our experts have just replied to us and they're asking if you could help us in getting some additional information". Consequently, Leo replied on 21-06-25 to all the raised questions: 1) "PC slow performance"? • Facts speak for themselves as my Latitude E5540 (Intel Core i5-4310U at 2.60 gHz) uploaded 1.2 GB ProductTraces folder to the KL box in 10 minutes. Flawless transfer ended on 13-06-25 at 13:40. Within the internet session, which started before noon and finished at 14:22 (unmonitored on the day). 2) "Internet speed slower with Kaspersky"? • Likely, please provide info - how to uncouple and verify. Currently signal quality: 5 bars. Speed: 72.2 - 300 Mbps. As per (Win 7 Pro) wireless network connection status display. 3) "Internet speed OK but sometimes internet drops for a while? In this case, how often? For how long? Does the issue related to Kaspersky"? • Actually, it's impossible to become aware of, without the dedicated device! Due to the momentarily triggered internet interruptions. Mostly occurring within the fraction of a second. Audible alert would help. Any tips? 4) "Do you suspect your PC is infected"? • Well, according to Ali's advice given on Fri, 9 May 2025: "If you have run a full scan and had Kaspersky installed on the device since Oct 2024, it is doubtful that this is caused by anything malicious". 5) "In the provided traces, it shows 40+ minutes of you surfing the internet. What is system time on video when the issue appears"? • To be precise, four hours recording of surfing the internet, derived on 11-06-25 during 9:27 - 13:33. Depicted within the 1.2 GB ProductTraces folder. Reprehensibly, the four hours internet session was interrupted eleven times, at: 9:38, 9:41, 10:01, 10:04, 10:05, 10:07, 10:28, 10:29, 10:39, 11:24, 13:26. "We look forward to hear from you"! • Likewise, I am eager to hear from you! All about the facts derived from your lengthy investigation into reprehensible deeds - carried out to the detriment of my lappy's reliability - besides the torment inflicted on me. Whilst the malicious internet interruptions cropped-up at will of the imbedded saboteur, virtually breathing down-my-neck. Symbolising a significant indicator that my lappy's reliability was compromised. Next day, Tines replied on 22-06-25: "Hello, we've forwarded your inquiry to our experts, we will get back to you as soon as we hear from them". Oddly though topic's title: Malicious internet dropouts, gone from the subject line, beset by "Kaspersky Technical Support - ID INC000017508101". A few days later, Tines persevered on 25-06-25: "I appreciate the patience you have shown. I apologize for my late response. Our Escalation Team have just replied to us with the latest update. Put the following files into password-protected zip archive and send to us". • Are you serious? Any idea, what it's all about? Have a go, enlighten me! Yet an another attempt to derail the inquiry? Lacking interim finding, whatsoever. No result of the analysis by experts ever revealed. Whist the depicted facts in my emails were ignored entirely. In spite of the answered all the requests in the received emails. Copies of which, remained always beneath my replies, in a prescribed manner. Sadly, disrupted by the customer service representatives detached emails. How to continue an email thread? Continuing an email thread refers to the practice of replying to an existing email message while keeping the previous conversation intact. This method allows for a seamless flow of communication, as it keeps all related information in one consolidated thread. By utilizing the appropriate email etiquette, individuals can effectively continue an email thread while adding new information, addressing queries, or providing updates. When continuing an email thread, it is crucial to follow a few best practices: Firstly, it is essential to maintain the subject line of the email, as this provides context to all recipients and helps them identify the ongoing conversation. Ideally, the subject line should be concise, relevant, and accurately reflect the content of the email. Furthermore, when continuing an email thread, it is crucial to address all points raised in the previous email. This ensures that the conversation progresses smoothly and that no important aspects are overlooked. By systematically addressing each point, recipients can easily follow the discussion and provide appropriate responses ... https://www.usebouncer.com/knowledge-base/how-to-continue-an-email-thread Terribly letdown Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Mon 30/06/2025 10:07 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Dear Leo24, Sorry for any inconvenience caused. The trace logs show 40+ minutes of you surfing the internet; everything seems normal. Our experts requested the files to investigate your concerns about something malicious causing the network drop-out issue. Again, to recap, please provide the following in a password-protected archive: F:\mb-clean-3.1.0.1035.exe D:\setup.EXE C:\Users\Owner\Downloads\PC_Connect3.2.64.01131_release.exe C:\Windows\system32\Tasks\{3D22ECEA-BF69-4F06-ACAE-BC5C0FE5B693} C:\Windows\system32\Tasks\{9D39F01C-87E4-49F7-95F6-C1A9694CBE8C} C:\Windows\system32\Tasks\{FB37A077-D95A-425D-98D4-1A15A0F9BC1D} Password suggestion: infected. We are looking forward to hearing from you. Don't hesitate to contact us for any assistance. Ali || Customer Service Representative To reply to this request, you can simply reply to this e-mail leaving the subject line unchanged. If we do not receive a response from you within 7 days, your request will be considered resolved by our system. If you would like us to leave your request open, you can simply let us know by replying to this e-mail or sending a new reply through My Kaspersky. We have obtained your personal data from you directly. The provided data will only be used for the provision of technical support and will be processed and protected in accordance with Kaspersky Data Privacy Statement for technical support. Should you have any questions about Kaspersky privacy practices or if you would like us to update information or preferences you provided to us, please contact our Data Protection Officer. AO Kaspersky Lab, bldg. 3, 39A, Leningradskoe Shosse, Moscow, 125212, Russian Federation. The representative of AO Kaspersky Lab in EU is Kaspersky Labs GmbH, Schloßlände 26, 85049 Ingolstadt, Germany.

Очень вероятно, что про неё можно будет забыть. Относительно недавно был релиз 15.1 (update 2).

Hello @mox, Welcome back! Vista is not supported, Windows 7 is, with a *proviso*, please read: Kaspersky for Windows, Hardware and software requirements: "Kaspersky application cannot be installed on Microsoft Windows 7 without installed operating system updates: KB4490628 (March 12, 2019) and KB4474419 (September 23, 2019)." KIS subscriptions cannot be purchased online from Kaspersky websites, you may be able to purchase from third-party-merchants (please do not buy from eBay, the *same* activation-codes are frequently sold to multiple subscribers, people have been scammed on more than one occasion) OR you may be able to purchase KIS in a boxed version, from a local store. Also, please read: Where to buy an activation code? Also, note, Kaspersky uses an automatic & silent Total-Force-Upgrade (TFU), after installing KIS, the software may try to update unless (you) implement a manual hack to prevent updates of new versions & patches. Thank you🙏 Flood🐳+🐋

Administrator receives the notification about outdated anti-spam (AS) and/or anti-virus (AV) bases because a large time interval for updating AS and/or AV databases is set (every 5 hours or more for AS and every 24 hours or more for AV). Anti-spam and anti-virus bases should be updated much more often. Accordingly, Kaspersky Security Center should also update anti-spam and anti-virus bases more frequently. The best way is to update anti-spam bases directly via Internet from Kaspersky Update servers every 5 minutes. Anti-virus bases should be updated every 1 hour. If it is not possible, try to update Kaspersky Security Center and Kaspersky Security for Microsoft Exchange anti-spam bases every 30 minutes or every 1 hour, but in this case you should not expect a high spam detection rate.

In order to upgrade KATA from 3.7.2 to 4.0 > 4.1 > 5.0 > 5.1 > 6.0 please follow the manual below. Step-by-step guide Prior to PCN upgrade you have to disconnect all Sensors, SCNs and Sandboxes. After upgrade Sandboxes and Sensors must be reinstalled, disconnected SCNs – upgrade to 4.0 and 4.1 and then reconnect them to PCN. Upgrade order described here - https://support.kaspersky.com/KATA/4.0/en-US/198801.htm Information which is kept during upgrade - https://support.kaspersky.com/KATA/4.0/en-US/227848.htm Contents of backup - https://support.kaspersky.com/KATA/4.0/en-US/198854.htm NB! Events database is not being transferred if you want to restore backup to new installation (e.g. new physical or virtual server). System requirements are the same for 3.7.2 and 4.0/4.1, so if 3.7.2 installation matches the requirements, you can upgrade keeping the same hardware/VM configuration - https://support.kaspersky.com/KATA/4.0/en-US/194861.htm For upgrade you don’t need .ktgz archives, only the ISO file. Pre-upgrade recommendations This recommendation is optional for vanilla 3.7.2, and it's a must for 3.7.2 PF1 Before upgrading KATA 3.7.2 to KATA4, copy and run this script. Run it as root: python /var/opt/kaspersky/apt/files/kata4-preupgrade-checker.py Expected result for vanilla 3.7.2: In case any issues arise, please contact Kaspersky support, and provide script output as shown on screenshot above and this script log, the script shows log location upon completion: /data/kata4-preupgrade-checker.log Upgrade order Create backup of CN and do the manual backup of /var/opt/kaspersky/apt-preprocessor/preprocessor.conf (from CN and sensors, especially if tuning was made at sensors). Mount installation ISO to KATA VM or boot from drive with ISO, if a server is physical. Select Install Kaspersky Anti Targeted Attack Platform. Select Disk marked as [upgrade] and press Enter. Select Upgrade and press Enter Select Upgrade again and press Enter Wait for the completion and check at WEB UI, that there are no errors / issues / etc. Storage migration is a lengthy procedure and may take many hours, depending on the installation. No visual indication of progress is provided, but it's not frozen. Perform a backup of 4.0 The upgrade procedure from 4.0 up to 4.1 is pretty much the same, you have to map ISO and boot from it, select disk marked as [upgrade], proceed, make a backup of 4.1 Upgrade procedure from 4.1 to 5.0 is described here. Before updating the product from version 4.1 to version 5.0, check which boot mode is used on the server (BIOS or UEFI). If UEFI is used, the update will fail. To avoid this, you need to update from a special KATA 5.0 image which can be provided by Kaspersky Support. Before upgrade DISABLE NTP on 4.1 Information which is kept during upgrade. 1) You can obtain file upgrade_preparation-1.0-py3-none-any.whl in kata-cn-5.0.0-5201-inst.x86_64_en-ru.iso, just mount it in Windows, go to support folder, copy this file and put it to /tmp via WinSCP to your KATA 4.1. 2) Proceed with steps described in Online help After mounting ISO and running from it you will be prompted to say y + ENTER to upgrade Then press ENTER, read EULA and select "I accept" Then you have two options: leave cluster and bridge/overlay subnets by default (just by pressing ENTER in windows below) or you can change them as you want (especially if these subnets crossover with your infrastructure subnets) Upgrade procedure can take a while, after that you'll be prompted to choose management interface, enter it's details again Enter password for admin Configure DNS servers and press ENTER Enable SPAN capturing by typing y or skip this step as n and press ENTER (you can do it later after upgrade). Don't forget to read this article, kindly pay attention to section "Special considerations for upgrading Kaspersky Anti Targeted Attack Platform from version 4.1 to version 5.0" After upgrade you have to perform initial configuration of KATA via web interface using admin (with Local administrator checkbox) credentials being set up during upgrade, please refer to https://support.kaspersky.com/KATA/5.0/en-US/242580.htm and https://support.kaspersky.com/KATA/5.0/en-US/240726.htm Once the configuration is completed, it's possible to log in to Web UI as regular local admin: use Administrator/Administrator login and password, "Local administrator" checkbox must be enabled, too. Change the password for Administrator user and proceed with adding license, creating users etc. Upgrade procedure from 5.0 to 5.1 is described here. Step-by-step guide of upgrade is here. Information kept during upgrade is here. According to KB you have to upload upgrade.tar.gz to /data/upgrade But first, you have to create this directory and set permissions to it to be able to upload upgrade package via WinSCP (in this example we use chmod 777 as an ultimate set of rights, you can use another set) mkdir /data/upgrade chmod 777 /data/upgrade After that upload upgrade.tar.gz to /data/upgrade via WinSCP and unarchive it cd /data/upgrade tar xvf upgrade.tar.gz Give executive permissions to script install_kata_upgrade.sh and install pre-upgrade package Execute as root chmod +x /data/upgrade/install_kata_upgrade.sh sh install_kata_upgrade.sh You'll see this And finally run upgrade (use admin user credentials which you use for ssh) kata-upgrade --data-dir /data/upgrade --user admin --password 'passw@rd' In a while you should receive message about successful upgrade . Upgrade procedure from 5.1 Ubuntu to 6.0 Ubuntu is described HERE Step-by-step guide of upgrade is HERE Information kept during upgrade is HERE Upload kata-cn-ubuntu-upgrade-6.0.0-200-x86_64_en-ru.tar.gz via WinSCP to /home/admin Unpack it to /data by command tar xvf /home/admin/kata-cn-ubuntu-upgrade-6.0.0-200-x86_64_en-ru.tar.gz -C /data/ Install the upgrade package by running the following commands cd /data/upgrade/ chmod +x ./install_kata_upgrade.sh ./install_kata_upgrade.sh Install the upgrade by running the following commands source /tmp/upgrade-venv/venv/bin/activate kata-upgrade --data-dir /data/upgrade/ --password <password specified during component installation> If the password contains special characters, the password variable must be specified in the following format: --password '<password>' Mount the iso image of Kaspersky Anti Targeted Attack Platform version 6.0 and restart the server In the GRUB menu, select Upgrade KATA 5.1 Accept EULA Confirm upgrade Wait for completion, don't forget to remove ISO or ensure that after reboot KATA boots from local disk. Done. Known problem: during upgrade to 6.0 upgrade script may fail With the following error: 2024-10-21 10:56:16,664.664 [kata_upgrade.tasks.upgrade_base_task][ERROR] Upgrade task " (UpdateDeploymentServices)" completed with an error, elapsed time: 191.07 sec Traceback (most recent call last): File "/tmp/upgrade-venv/venv/lib/python3.11/site-packages/etcd3/client.py", line 46, in handler return f(*args, **kwargs) ^^^^^^^^^^^^^^^^^^ File "/tmp/upgrade-venv/venv/lib/python3.11/site-packages/etcd3/client.py", line 257, in get_response return self.kvstub.Range( ^^^^^^^^^^^^^^^^^^ File "/tmp/upgrade-venv/venv/lib/python3.11/site-packages/grpc/_channel.py", line 1161, in __call__ return _end_unary_response_blocking(state, call, False, None) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/tmp/upgrade-venv/venv/lib/python3.11/site-packages/grpc/_channel.py", line 1004, in _end_unary_response_blocking raise _InactiveRpcError(state) # pytype: disable=not-instantiable ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with: status = StatusCode.UNAVAILABLE details = "DNS resolution failed for etcd.dyn.kata:2379: C-ares status is not ARES_SUCCESS qtype=A name=etcd.dyn.kata is_balancer=0: Timeout while contacting DNS servers" debug_error_string = "UNKNOWN:DNS resolution failed for etcd.dyn.kata:2379: C-ares status is not ARES_SUCCESS qtype=A name=etcd.dyn.kata is_balancer=0: Timeout while contacting DNS servers {grpc_status:14, created_time:"2024-10-21T10:56:16.663456976+00:00"}" > After which web interface is not be accessible with Administrator credentials. Solution: Login to web interface using admin credentials (not Administrator) If current sizing by Endpoint Agents is not 0 then remember current value and set it to 0. If this setting cannot be applied because there are 0s for other integrations then set mail to 1. For example: Would be changed to Apply this configuration, login back with admin credentials and configure original values back: The point is to zero out any single of the integrations and then configure it back to original value, so depending on original configuration you may need to zero out other integration instead of Endpoint Agents. After this login to web interface with Administrator should work. Do that and wait till all errors in dashboard are cleared. Now you can restart upgrade script from step 5: sudo -i cd /data/upgrade/ ./install_kata_upgrade.sh source /tmp/upgrade-venv/venv/bin/activate kata-upgrade --data-dir /data/upgrade/ --password ... --current-task-index 5 Known problem: during upgrade to 6.0 when booting to iso an error is displayed: File /mnt/debconf_menu_answers.ini not found Possible causes: Upgrade script that was running before reboot did not finish successfully. Check logs in /var/log/kaspersky/installation/. It is safe to boot not from iso at this point to check that log. In case script failed (but not like above) escalate incident. Wrong partitioning of /dev/sda, where there is sda4 instead of sda3. Check output of lsblk -o NAME /dev/sda Correct output: # lsblk -o NAME /dev/sda NAME sda ├─sda1 ├─sda2 └─sda3 Wrong output: # lsblk -o NAME /dev/sda NAME sda ├─sda1 ├─sda2 └─sda4 Solution: $ sudo -i 1) Create partition table backup # sfdisk -d /dev/sda > sda.bkp # cp sda.bkp sda.new 2) Edit partition table file # vi sda.new 3) Enter edit mode by pressing "i" and change /dev/sda4 to /dev/sda3 For example if you have Change the number 4 to 3. Nothing else should be changed in the file! To save press ESC then :wq! and Enter. Apply new partition table # sfdisk --no-reread -f /dev/sda < sda.new Now you can boot from iso and continue upgrade. Upgrade procedure from 5.1 Ubuntu to 6.0 Astra is described below Installation is described here https://support.kaspersky.ru/KATA/6.0/en-US/243480.htm But, we have some differences here Upload kata-cn-astra-upgrade-6.0.0-200-x86_64_en-ru.tar.gz to /data Then move to *****@*****.tld:~# cd /data Execute tar xvf /data/kata-cn-astra-upgrade-6.0.0-200-x86_64_en-ru.tar.gz -C /data/ Execute cd /data/upgrade/ chmod +x ./install_kata_upgrade.sh source /tmp/upgrade-venv/venv/bin/activate kata-upgrade --data-dir /data/upgrade/ --password <password of the 'admin' user> Mount the iso image of Kaspersky Anti Targeted Attack Platform version 6.0 and restart the server. You have to start server from mounted ISO and select "Upgrade KATA 5.1 server" Proceed That's it, you've upgraded your 5.1 Ubuntu to 6.0 Astra Upgrade procedure from 6.0 to 6.1 is below https://support.kaspersky.com/help/KATA/6.1/en-US/246850.htm It considers upgrade from 6.0 or 6.0.1 directly to 6.0.2 - https://support.kaspersky.com/KATA/6.0/en-US/271957.htm, to 6.0.3, and finally to 6.1 - https://support.kaspersky.com/help/KATA/6.1/en-US/243480.htm 6.0 > 6.0.1 Upload upgrade.tar.gz to /home/admin directory Execute following commands below root@1.srv.node1.node.dyn.kata:~# mv /home/admin/upgrade.tar.gz /data/ root@1.srv.node1.node.dyn.kata:~# tar xvf /data/upgrade.tar.gz -C /data/ upgrade/ upgrade/images.tar.gz upgrade/install_kata_upgrade.sh upgrade/kata_license-1.0-py3-none-any.whl upgrade/kata_upgrade-1.0-py3-none-any.whl upgrade/ubuntu_image_versions.json upgrade/updates/ upgrade/updates/Packages.gz upgrade/updates/glibc_2.35-0ubuntu3.6.debian.tar.xz upgrade/updates/glibc_2.35-0ubuntu3.6.dsc upgrade/updates/glibc_2.35.orig.tar.xz upgrade/updates/glibc_2.35.orig.tar.xz.asc upgrade/updates/libc-bin_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc-dev-bin_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc-devtools_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc6-dev_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc6_2.35-0ubuntu3.6_amd64.deb root@1.srv.node1.node.dyn.kata:~# cd /data/upgrade/ root@1.srv.node1.node.dyn.kata:/data/upgrade# chmod +x ./install_kata_upgrade.sh root@1.srv.node1.node.dyn.kata:/data/upgrade# ./install_kata_upgrade.sh Processing ./kata_license-1.0-py3-none-any.whl Installing collected packages: kata-license Attempting uninstall: kata-license Found existing installation: kata-license 1.0 Uninstalling kata-license-1.0: Successfully uninstalled kata-license-1.0 Successfully installed kata-license-1.0 WARNING: There was an error checking the latest version of pip. Processing ./kata_upgrade-1.0-py3-none-any.whl Installing collected packages: kata-upgrade Successfully installed kata-upgrade-1.0 WARNING: There was an error checking the latest version of pip. Installation was successful! Then execute and wait until completion kata-upgrade --data-dir /data/upgrade/ --password <password of the 'admin' user> <<<<<<<< use ' ' symbols if special symbols are presented in password ............................................................................................................................................................ 2024-09-10 15:46:02,038.38 [kata_upgrade.context.ssh_execution_context][INFO] manager.cluster.dyn.kata: Closed ssh session 2024-09-10 15:46:02,038.38 [kata_upgrade.tasks.upgrade_base_task][INFO] Upgrade task "Update product stack sizing via management api (UpdateSizing)" completed successfully, elapsed time: 896.77 sec 2024-09-10 15:46:02,039.39 [kata_upgrade.updater.updater][INFO] WARNING: Please close all current user sessions to complete the upgrade process. Patch 6.0.1 is installed, you can check it at web UI 6.0.1 > 6.0.2 Upload kata-cn-upgrade-6.0.2-x86_64_en-ru.tar.gz to /home/admin directory Execute following commands below root@1.srv.node1.node.dyn.kata:/data/upgrade# mv /home/admin/kata-cn-upgrade-6.0.2-x86_64_en-ru.tar.gz /data/ root@1.srv.node1.node.dyn.kata:/data/upgrade# tar xvf /data/kata-cn-upgrade-6.0.2-x86_64_en-ru.tar.gz -C /data/ upgrade/ upgrade/images.tar.gz upgrade/install_kata_upgrade.sh upgrade/kata_license-1.0-py3-none-any.whl upgrade/kata_upgrade-1.0-py3-none-any.whl upgrade/ubuntu_image_versions.json upgrade/updates/ upgrade/updates/Packages.gz upgrade/updates/glibc_2.35-0ubuntu3.6.debian.tar.xz upgrade/updates/glibc_2.35-0ubuntu3.6.dsc upgrade/updates/glibc_2.35.orig.tar.xz upgrade/updates/glibc_2.35.orig.tar.xz.asc upgrade/updates/libc-bin_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc-dev-bin_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc-devtools_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc6-dev_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc6_2.35-0ubuntu3.6_amd64.deb root@1.srv.node1.node.dyn.kata:/data/upgrade# cd /data/upgrade/ root@1.srv.node1.node.dyn.kata:/data/upgrade# chmod +x ./install_kata_upgrade.sh root@1.srv.node1.node.dyn.kata:/data/upgrade# ./install_kata_upgrade.sh Processing ./kata_license-1.0-py3-none-any.whl Installing collected packages: kata-license Attempting uninstall: kata-license Found existing installation: kata-license 1.0 Uninstalling kata-license-1.0: Successfully uninstalled kata-license-1.0 Successfully installed kata-license-1.0 WARNING: There was an error checking the latest version of pip. Processing ./kata_upgrade-1.0-py3-none-any.whl Installing collected packages: kata-upgrade Attempting uninstall: kata-upgrade Found existing installation: kata-upgrade 1.0 Uninstalling kata-upgrade-1.0: Successfully uninstalled kata-upgrade-1.0 Successfully installed kata-upgrade-1.0 WARNING: There was an error checking the latest version of pip. Installation was successful! Then execute and wait until completion kata-upgrade --data-dir /data/upgrade/ --password <password of the 'admin' user> <<<<<<<< use ' ' symbols if special symbols are presented in password ............................................................................................................................................................ 2024-09-10 16:47:24,839.839 [kata_upgrade.context.ssh_execution_context][INFO] manager.cluster.dyn.kata: Closed ssh session 2024-09-10 16:47:24,839.839 [kata_upgrade.tasks.upgrade_base_task][INFO] Upgrade task "Update product stack sizing via management api (UpdateSizing)" completed successfully, elapsed time: 902.25 sec 2024-09-10 16:47:24,840.840 [kata_upgrade.updater.updater][INFO] WARNING: Please close all current user sessions to complete the upgrade process. Patch 6.0.2 is installed, you can check it at web UI 6.0.2 > 6.0.3 https://support.kaspersky.com/KATA/6.0/en-US/286625.htm Upload kata-cn-upgrade-6.0.3.sh to /home/admin Execute following commands below root@1.srv.node1.node.dyn.kata:/data/upgrade# chmod +x /home/admin/kata-cn-upgrade-6.0.3.sh root@1.srv.node1.node.dyn.kata:/data/upgrade# cd /home/admin/ root@1.srv.node1.node.dyn.kata:/home/admin# sh kata-cn-upgrade-6.0.3.sh Check that there are no errors like this root@1.srv.node1.node.dyn.kata:/home/admin# cat /tmp/ks_check_klava_patch.log before total 1016 -rwxr-xr-x 1 root root 561 Nov 15 2023 check_aapt -rwxr-xr-x 1 root root 306 Nov 16 2023 check_aptfr -rwxr-xr-x 1 root root 1592 Nov 15 2023 check_aptfs -rwxr-xr-x 1 root root 1860 Nov 15 2023 check_aptsn -rwxr-xr-x 1 kluser klusers 1011432 Oct 20 2023 check_hips2 -rwxr-xr-x 1 root root 287 Nov 16 2023 check_ksn -rwxr-xr-x 1 root root 409 Nov 15 2023 dispatcher -rwxr-xr-x 1 root root 1315 Nov 16 2023 validate_ioa_rules after total 1016 -rwxr-xr-x 1 root root 561 Nov 15 2023 check_aapt -rwxr-xr-x 1 root root 306 Nov 16 2023 check_aptfr -rwxr-xr-x 1 root root 1592 Nov 15 2023 check_aptfs -rwxr-xr-x 1 root root 1860 Nov 15 2023 check_aptsn -rwxr-xr-x 1 kluser klusers 1011432 Oct 20 2023 check_hips2 lrwxrwxrwx 1 root root 50 Sep 10 16:56 check_klava -> /opt/kaspersky/apt-scan-server/libexec/check_klava -rwxr-xr-x 1 root root 287 Nov 16 2023 check_ksn -rwxr-xr-x 1 root root 409 Nov 15 2023 dispatcher -rwxr-xr-x 1 root root 1315 Nov 16 2023 validate_ioa_rules Patch 6.0.3 is installed, it doesn't change version of product at web UI 6.0.3 > 6.1 Please follow https://support.kaspersky.com/help/KATA/6.1/en-US/243480.htm Known problem: after upgrade to 6.1 kata-collect is not found This is related not only to kata-collect console utility but also other internal console utilities Solution: $ sudo -i Edit /etc/bash.bashrc file # vi /etc/bash.bashrc Enter edit mode by pressing "i" and insert the following line in the very beginning: source /opt/venv/bin/activate Like so: To save press ESC then :wq! and Enter. After that reconnect to server via SSH. Known problem: no space on / at 6.1 sensor nodes after installation Cause: If you do not select any network interface as SPAN then suricata crashes constantly generating core files. To prevent this select at least one network interface for SPAN on sensor nodes. Solution if the problem already occured: Reinstall. Select at least one network interface for SPAN (Program settings → Configure traffic capture → Setup capture interfaces → Mark at least one network interface) If reinstallation is difficult and / is already full and you cannot get into preprocessor_span container to check its / content then: Select at least one network interface for SPAN. Change dir to docker container MergedDir *****@*****.tldr:~# cd $(docker inspect $(docker ps | grep preprocessor_span | awk '{print $1}') | grep Merged | awk -F\" '{print $4}') *****@*****.tldr:/var/lib/docker/overlay2/c3028dde07229aa8fc6f37b7ac2e04b454765b1b015ec9303ac1a35c38ffda38/merged# Check listing, it should contain a lot of core files *****@*****.tldr:/var/lib/docker/overlay2/c3028dde07229aa8fc6f37b7ac2e04b454765b1b015ec9303ac1a35c38ffda38/merged# ls -la | head -20 total 60596 drwxr-xr-x 2 root root 4096 May 18 09:36 drwxr-xr-x 1 root root 4096 Oct 24 11:12 . drwx--x--- 5 root root 4096 Oct 22 14:21 .. drwxr-xr-x 1 root root 4096 Oct 22 14:58 application lrwxrwxrwx 1 root root 7 Apr 25 2023 bin -> usr/bin drwxr-xr-x 2 root root 4096 Apr 18 2022 boot -rw------- 1 root root 11939840 Oct 24 11:10 core.103983 -rw------- 1 root root 11939840 Oct 24 11:10 core.103985 -rw------- 1 root root 11939840 Oct 24 11:10 core.103987 -rw------- 1 root root 11939840 Oct 24 11:10 core.103989 -rw------- 1 root root 11939840 Oct 24 11:10 core.103991 -rw------- 1 root root 11939840 Oct 24 11:10 core.103993 -rw------- 1 root root 11939840 Oct 24 11:10 core.104001 -rw------- 1 root root 11939840 Oct 24 11:10 core.104008 -rw------- 1 root root 11939840 Oct 24 11:10 core.104010 -rw------- 1 root root 11939840 Oct 24 11:10 core.104017 -rw------- 1 root root 11939840 Oct 24 11:10 core.104025 -rw------- 1 root root 11939840 Oct 24 11:11 core.104027 -rw------- 1 root root 11939840 Oct 24 11:11 core.104033 Remove them like so (make sure no unnecessary spaces are in the rm command) *****@*****.tldr:/var/lib/docker/overlay2/c3028dde07229aa8fc6f37b7ac2e04b454765b1b015ec9303ac1a35c38ffda38/merged# rm -f ./core.[0-9]* Reboot

You can download the installer from the official website and update manually.