Search the Community

I can confirm that for me the issue seems to be solved, i had an app update on the 16th of November and now i'm at 21.23.6.614, prior to this i had installed back in September the 21.22.7.466 version. I now have 0-1% GPU usage in Idle and no Kaspersky is consuming GPU. @Mohamed, i'd suggest reinstalling the app, do a complete uninstall, i remember back in the days Kaspersky had a removal tool of their own, perhaps that does a more in-depth removal then the Uninstall process from appwiz.cpl, idk, look it up and try. But what i can say from my side, after the update to 21.23 on the 16th of November, the GPU load in Idle is how it should be.

Update: Heute kam aus der App heraus der Hinweis nach Aktualisierung. Stand heute: Version 11.129.4.15102 Herrlich 🙂

I have been running Kaspersky Endpoint 11.4.0 for Linux on Linux Mint 22.1 and have been telling Kaspersky for two years that they should package their Endpoint for Linux for home users - and after downloading the Kaspersky for Linux install kit and installing it have to say that it looks like that is what they have done. Installation looks almost the same and module names are the same. Not yet having a license I don't know what the Kaspersky for Linux GUI looks like. I attached a picture of the Endpoint window so perhaps someone can say if it's similar. Kaspersky support in late December told me that Kaspersky for Linux is available in the following countries: Australia South Africa Hong Kong Philippines Singapore Azerbaijan Kazakhstan Belarus If you are interested in Kaspersky Endpoint for Linux a license can be purchased from Laptops with Linux in the EU. I don't have the Kaspersky Endpoint kit download links at hand right now to post. [Found it: here] Since I do not live in the EU in order to activate it I had to VPN into the EU - after activation no problem as long as it can access the Kaspersky update servers.

Hallo @LeuchtBall, willkommen. Kannst Du bitte schildern, welchem Programm Du wie den Internetzugriff gesperrt hast? In Deinem Screenshot scheint es mir nicht das Corel-Hauptprogramm zu sein, sondern ein Hilfsprogramm (Corel Update Helper x32). Kannst Du bitte über das Hauptfenster links "Sicherheit" auswählen, dann rechts etwas nach unten scrollen und "Programmüberwachung->Programme verwalten" anklicken? Im Idealfall haben die Corelkomponenten eine eigene Gruppe, wie in untenstehendem Beispiel Firefox in "Mozilla". Kannst Du dort den "Corel Update Helper x32" finden? Wie sind seine Einstellungen (Doppelklick auf das Programm)? Screenshot?

@ooZooN Welcome. Here is the official satement : " Hello, This is due to an update of the VPN infrastructure. All VPN users will see a new agreement in the app which they need to accept. The number of available VPN servers will change from ~105 to ~85, most common servers will remain. The router feature, protocol selection and dual VPN options will disappear. We’re continuing to expand coverage and add new features in upcoming updates. "

Weitere Info: selbst auf meinem Tablet von Xiaomi gibt es Probleme mit dem Update. Es gelingt einfach nicht - so wie auf dem Google Pixel. Lade ich die APK von Kaspersky herunter und installiere diese - nach Anleitung, verbleibt Version 11.129.4.14969. Komische Sache 😕

Huhu Ich bekomme den Hinweis auf ein notwendiges VPN Update im Programm Kaspersky Premium angezeigt, oben in Form eines Briefumschlags. Von dort habe ich nach Anleitung die APK heruntergeladen. Versionssprung, wie gesagt, von 11.129.4.14969-1 auf 11.129.4.14969-2 🙂

So, wie durch ein Wunder bin ich nach wiederholtem herunterladen der APK auf Version Version: 11.129.4.14969-2 (vorher 1!) gelandet. Leider wird mir trotzdem wiederholt angezeigt, dass ein wichtiges App-Update für VPN vorliegt. Nervig 🙂 Ist nun die Frage, ob ich die aktuelle Version für mein Telefon habe oder nicht (auch das VPN betreffend). Wie bereits gesagt, in den Stores von Xiaomi und Samsung wird Version: 11.129.4.15102 angeboten.

Update your Server 2019 to latest update patch and try reinstalling Netagent or run KVRT before installing Netagent , have you raised ticket on Kaspersky Support , what was their feedback

@Flood and Flood's wife@Berny thank you so much app updater can auto update 7zip and winrar on my pc completed but anydesk only can't update by kaspersky app updater i know when i download manual update from anydesk official website and install again can fix problem but want send report to kaspersky case anydesk only can't update by kaspersky app updater. when click try again button problem not reslove

We use Kaspersky Endpoint Security Cloud and the instructions included installing through Intune. There was no agent to install, they simply suggested pushing out the entire distribution package through intune. This worked out fine, but now there is a new version (12.10.0.466). If I 'prepare the distribution package' it will automatically start updating clients, but this is problematic. Intune is setup to detect the install of version 12.9. Am I supposed to disable this pushed install entirely when we need to update? Is there a way to get this package without pushing it to all users? I would much rather let intune handle this so that future intune devices also get the latest Kaspersky app. The only way around this that I can see is to disable the intune install, push out the new package, immediately download said package and create a new intune install. But what happens? Intune is going to try and install the update at the same time as Kaspersky cloud, which I have to imagine is going to cause all sorts of grief. Is there a better way to handle this? Like an agent I can push through intune that doesn't install the app until the cloud console tells it to? That is how ESET handled things and we never had to worry about it. If anyone else uses Intune please let me know how you handle this

Kaspersky's history and dedication to customers! "Kaspersky began with a simple mission to protect people and businesses from cyberthreats and build a safer world. Our founder, Eugene Kaspersky, believes 'everyone has the right to be free of cybersecurity fears'! And it is this belief that underpins our efforts as a company. Kaspersky products are always at the forefront of technology, delivering state-of-the-art protection for our users". "Kaspersky's customer service is also highly regarded. We offer the option of 24/7 remote IT support with our consumer products, which can include services like remote installation, virus check and removal, and PC health checks. Having this priority access to support, gives our customers greater peace of mind, because they know we're always there to help". • So how on earth sadistic saboteur inflicted ordeal with impunity since Oct 2024, to the detriment of my Latitude E5540 (Win 7 Pro) reliability, besides the torment inflicted on me. Whilst the incessant internet interruptions cropped-up at will of the imbedded saboteur, virtually breathing down-my-neck. Compounded by the relentless email log-in impediments via sadistic verifications ploy. Compelling repeatedly to identify a lot of vague features within the obscure images charade. Conditional to access email accounts, under Kaspersky's protection! Outrageously exploited as a double-edged sword, whatever it takes to torment the targeted user. Once the technical assistance was sought by me, I became flabbergasted by the perfidious modus-operandi of the cunning customer service representatives! Deceitful to the detriment of the railroaded Kasperski's adherents, such as myself. Have a go to find out all-about-it, due to the encountered tribulations by me. Transcribed below for your perusal: ######################################################### From: (Leo24) Sent: Sat 3 May 2025 11:11 AM To: Kaspersky Technical Support <*****@*****.tld> Subject: Malicious internet dropouts Malicious internet dropouts! Targeted internet dropouts since Oct 2024 compelled me to seek your assistance, as the moderator's technique by Wesly Zhang proved to be fruitless. Please refer to ... https://forum.kaspersky.com/topic/kernel32dll-51818/?page=2 Per example, event depicted on the system log: Warning 08-Nov-24 15:26:24 Event 27, e1dexpress Intel(R) Ethernet Connection I218-LM Network link is disconnected. Thanks in advance! Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support <*****@*****.tld> Sent: Sat 3 May 2025 11:12 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Thank you for contacting Kaspersky Technical Support. The following request was registered: ID INC000017508101. We will do our best to respond to your request as soon as possible. To add new information to your request or ask additional questions, you can simply reply to this e-mail - leaving the subject line unchanged. This email was generated automatically. Best regards, Kaspersky Technical Support ######################################################### From: Kaspersky Lab Support Sent: Sun, 4 May 2025 8:54 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello Leo24, Thank you for contacting Kaspersky Support. To better understand the issue, please provide us with the following information as part of troubleshooting: 1. If there's any error message or a warning of any kind showing the issue, please take a screenshot of it or a short video recording and send it to us so we can better understand and identify the issue at hand. 2. Please create and share a GetSystemInfo report. To create this report, simply follow the step-by-step guidelines here: http://support.kaspersky.com/general/dumps/3632#block7 Note that the *.zip archive containing the report is saved on the desktop by default. 3. Please provide a detailed, step-by-step process for issuing recreates. Have a great day! Chor | Customer Service Representative ######################################################### From: (Leo24) Sent: Thu 8 May 2025 5:51 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Chor wrote: "Please create and share a GetSystemInfo report". • Actually, one of your moderators, Wesly Zhang got already this report, mentioned at the ... https://forum.kaspersky.com/topic/kernel32dll-51818/#comments Nov 15, 2024 GSI version: 6.2.2.58 File size: 1 Total physical memory: 8291.60 Mb Report: GSI6 uploaded 2024-11-15 03:06:27 Containing warnings such as: Warning 08-Nov-24 15:26:24 Event 27, e1dexpress Intel(R) Ethernet Connection I218-LM Network link is disconnected. • Although solution was sought at first for the kernel32.dll dilemma, the malicious internet dropouts persisted all along. I've followed Wesly Zhang recommendations to no avail, while the targeted internet dropouts occurred at will. Performed by some kind of a remote-control saboteur. Disenchanted Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Fri, 9 May 2025 2:14 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Dear Leo24, Thank you for getting back to us. We believe this could be a network degradation issue, not anything caused by anything malicious. 1. If you have run a full scan and had Kaspersky installed on the device since Oct 2024, it is doubtful that this is caused by anything malicious. 2. Internet dropping out can be caused by other factors, such as Wi-Fi Signal Issues, Router and Modem Problems, Internet Service Provider (ISP) Issues & also Device-Specific Problems. Do you experience the same behaviour on other Wi-Fi connections? Have you contacted your Internet Service Provider (ISP) since this issue began? Is this issue specific to your device, or does it happen on other devices too? Please keep us posted. Ali || Customer Service Representative ######################################################### From: (Leo24) Sent: Tue 13 May 2025 6:02 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Ali wrote: "Is this issue specific to your device, or does it happen on other devices too"? • Actually, my Latitude E5540 (Win 7 Pro) has been solely affected by the malicious internet interruptions (unlike my friend's eMachines E727 [Win 7 Home Premium], which never endured internet interruption). A momentary internet interruptions initially occurred as I was about to determine data usage by clicking on the "Wireless Network Connection Status" of my Latitude E5540 (Win 7 Pro). Though before I could ascertain the amount of the evolved (in/out) figures, they reverted to zero. Due to the untouchable saboteur internet interruption. Subsequently, 10 minutes approx after the start of my internet sessions interruptions occurred for some time, then persisted variously. Hiatus emerged toward the end of 2024, followed by the exacerbated internet interruptions since the beginning of this year (2025). In a row of 3, 4, 5, during sporadic internet sessions. Thus in addition to the relentless Yahoo email log-in impediments via sadistic verifications ploy, the accompanied internet interruptions compounded torment moreover. Whereas to alleviate the frustration in these circumstances, a timely popup on the screen to alert the impacted. Any tips regarding? Disenchanted Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Wed 14 May 2025 1:21 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Thank you for your reply. In order to keep track of the changes performed on your system, we ask you to provide us a new Getsysteminfo report, using the same instructions we sent you previously. If there's any error message or a warning of any kind, please take a screenshot of it and send it to us so we could better understand and identify the issue at hand. In case you need help with that, here's a handy guide about taking screenshots: http://support.kaspersky.com/us/492?cid=pe Thank you and have a nice day! Fawwaz || Customer Service Representative ######################################################### From: (Leo24) Sent: Mon 19 May 2025 4:58 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Fawwaz wrote: "In order to keep track of the changes performed on your system, we ask you to provide us a new Getsysteminfo report, using the same instructions we sent you previously". Earlier Chor wrote: "Please create and share a GetSystemInfo report. To create this report, simply follow the step-by-step guidelines here"... http://support.kaspersky.com/general/dumps/3632#block7 • Having created ... GSI6_USERPC_Owner_05_16_2025_18_21_00.zip ... as instructed, I am seeking advice about the prescribed mode of transfer. Thank you for your assistance! Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Tue 20 May 2025 2:36 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello, Thank you for the reply. Sorry to hear that you are facing this issue. You can simply attach the "GSI6_USERPC_Owner_05_16_2025_18_21_00.zip" file to your reply to this email. Alternatively, if the file size is too large for email or you prefer, you can upload it to our secure internal storage using the following link: https://box.kaspersky.com/u/d/xxx Could you also confirm if the issue continues after pausing or exiting your Kaspersky application? Please reply with the result so we can investigate further. In addition, if any visual information is available, please take a photo or a screenshot and share it with us. You can find a guide on how to take a screenshot here: http://support.kaspersky.com/general/various/492 We appreciate your cooperation and look forward to assisting you further. Have a great day! Rinitha || Customer Service Representative ######################################################### From: (Leo24) Sent: Wed 21 May 2025 5:25 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts • Hi Rinitha, please be informed that I didn't notice any rogue manifestations on the screen. Unfortunately, network connection status indicator at the notifications bar at the bottom, isn't supplemented by the "internet down" popup on the screen! Any tips regarding? So in addition to the ruthless email log-in impediment via treacherous verifications ploy, the accompanied internet interruptions compounded torment moreover. With the case in point, the interruptions manifested at least four times on Monday 19-05-25 between 16:18 - 17:48. • Please proceed to examine ... GSI6_USERPC_Owner_05_21_2025_10_05_56.zip ... uploaded as recommended at ... https://box.kaspersky.com/u/d/xxx Upload files to INC000017508101 shared by: File size should be smaller than 10.2 GB. Drag and drop files or folders here. No file chosen All files uploaded 1/1 Files name size progress state GSI6_USERPC_Owner_05_21_2025_10_05_56.zip 11.1 M Uploaded Thank you for your assistance! Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Thu 22 May 2025 11:50 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hi Leo24, Thank you for your email. The system information report shows there are no malicious items. You may consider having the networking equipment and/or the networking component on the computer checked by the manufacturer support. Please feel free to let us know should you have further queries. Thank you for contacting Kaspersky Support and have a great day! Regards, Ray || Customer Service Representative ######################################################### https://www.microsoft.com/en-us/microsoft-365/outlook/email-and-calendar-software-microsoft-outlook?deeplink=%2fowa%2f&sdf=0 Microsoft Homepage Thank you for your patience We are currently experiencing high demand. Please wait and try again later. ID: 18.6cbb07ca.1747896832.105daee4 ------------------------------------------------------------------------------------------------------ • Attention is drawn to the above depicted deception! Manifested within the upper half of my Latitude E5540 screen. Emanated apparently, during futile log-in attempts into my hotmail account via Google Chrome on 22-05-25, during 14:40 - 16:34 period. MS Edge and Mozilla Firefox were not affected by the sadistic sabotage. A couple of days later I could log-in again into my hotmail accounts via Google Chrome. ######################################################### From: Kaspersky Lab Support Sent: Tue, 27 May 2025 12:11 PM To: You (Leo24) Subject: Malicious internet dropouts Dear Customer, We have not heard back from you. If the issue remains unresolved, please reply to this email. Here's a copy of the message we've sent you previously. Below you may find our previous message sent a few days ago, in case you have accidentally deleted our email: ----------------------------------------------------------------------------------------------------- Please let us know if you need any further assistance. If we do not receive any response to this request within 10 days, your request will be closed. Best regards, Kaspersky Technical Support ######################################################### From: (Leo24) Sent: Tue 27 May 2025 at 2:47 PM To: Data Protection Officer <*****@*****.tld> Subject: Saboteur inflicted ordeal with impunity Saboteur inflicted ordeal with impunity Hi, I've been Kaspersky's adherent since Nov 2019. Initially as a free antivirus user - to the advantage of my Latitude E5540 (Win 7 Pro). Only occasionally accessing internet, nevertheless having subscribed to Kaspersky's Standard plan, since Oct 2024. Totally relying on the safety, reliability and integrity of Kaspersky's operations and products. Naturally, as a company that protects over a billion devices worldwide, it's important to address customers' concerns head-on! To start with the solution sought for the kernel32.dll dilemma, which faded away. Whilst the malicious internet interruptions persisted all along, since Oct 2024. Reluctantly, I've followed one of your moderators, Wesly Zhang recommendations, to no avail. Whilst the deliberate internet interruptions cropped up at will of the imbedded saboteur, virtually breathing down my neck. A brief hiatus in internet interruptions toward the end of 2024, gave way to the repetitive internet interruptions a few minutes apart, since the beginning of 2025 (during occasional internet sessions). Just as relentless Yahoo email log-in impediments were ratchet-up via sadistic verifications charade. Synchronised in a unison with the accompanied internet interruptions. Culminating in a futile log-in exertion on 22-05-25, due to the abrogated access to the hotmail accounts this time around. Whilst the bogus "Microsoft Homepage" announced: "Thank you for your patience. We are currently experiencing high demand. Please wait and try again later". In reflection on the boredom afflicted, the highly paid IT staff, indulging apparently in the sadistic extravaganza. When I anticipated factual, decisive results! Courtesy of the technical assistance by Kaspersky Lab Support. Please proceed to examine modus operandi of the customer service! Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments 27-05-25 ######################################################### From: (Leo24) Sent: Sat 31 May 2025 4:21 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Ray wrote: "We have not heard back from you. If the issue remains unresolved, please reply to this email". • Attention customer service representatives! Chor, Ali, Fawwaz, Rinitha, Ray - please be informed: I've been Kaspersky's adherent since Nov 2019. Initially as a free antivirus user - to the advantage of my Latitude E5540 (Win 7 Pro). Only occasionally accessing the internet, nevertheless having subscribed to Kaspersky's Standard plan, since Oct 2024. Totally relying on the safety, reliability and integrity of Kaspersky's operations and products. Naturally as a company that protects over a billion devices worldwide, it's important to address customers' concerns head-on! To start with the solution sought for the kernel32.dll dilemma, which faded away. Whilst the malicious internet interruptions persisted all along, since Oct 2024. Reluctantly, I've followed one of your moderators, Wesly Zhang recommendations, to no avail. Whilst the deliberate internet interruptions cropped up at will of the embedded saboteur, virtually breathing down my neck. A brief hiatus in internet interruptions toward the end of 2024, gave way to the repetitive internet interruptions a few minutes apart, since the beginning of 2025 (during occasional internet sessions). Just as relentless Yahoo email log-in impediments were ratchet-up via sadistic verifications charade. Synchronised in unison with the accompanying internet interruptions. Culminating in a futile log-in exertion on 22-05-25, due to the abrogated access to the hotmail accounts this time around. Whilst the bogus "Microsoft Homepage" announced (after 2pm): ------------------------------------------------------------------------------------------------------- https://www.microsoft.com/en-us/microsoft-365/outlook/email-and-calendar-software-microsoft-outlook?deeplink=%2fowa%2f&sdf=0 Microsoft Homepage Thank you for your patience We are currently experiencing high demand. Please wait and try again later. ID: 18.6cbb07ca.1747896832.105daee4 ------------------------------------------------------------------------------------------------------- Amazingly, avowal earlier in the day of 22-05-25 at 11:50 insisted: "The system information report shows there are no malicious items"! Compelling complaint escalation to the attention Data Protection Officer on 27-05-25 at 14:47. Still, internet interruptions persisted on the following day at 11:54, 11:58, 11:59, 12:00, 12:01, 12:02, 12:04. During internet session between 11:32 - 13:11 on 28-05-25. Then finally halleluiah, no log-in disruptions on 29-05-25, 30-05-25, 31-05-25 - followed by the peaceful internet sessions. Hopefully, as a precursor to the secure internet surfing, once my Latitude E5540 (Win 7 Pro), being thoroughly sanitised. Cautiously optimistic Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Sun 1 Jun 2025 4:03 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello Leo24, Thank you for your response. The email that you received, "We have not heard back from you. If the issue remains unresolved, please reply to this email", was an auto-generated follow-up email. We apologize for any inconvenience caused and acknowledge your remarks on this. Customer satisfaction being our priority, you may be assured that Kaspersky will always be dedicated to improving the quality of products and services offered to all our customers. Now that your internet issues are clear, would you like us to close this ticket? We're happy to keep it open if you anticipate any additional questions. If you have any further questions, please do not hesitate to contact us. Have a great day! Eric || Customer Support Representative ######################################################### From: (Leo24) Sent: Tue 3 Jun 2025 4:36 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Eric wrote: "Now that your internet issues are clear, would you like us to close this ticket"? • As a matter of fact, saboteur inflicted ordeal with impunity since the Oct 2024, abated. Courtesy of the Data Protection Officer intervention! Solely a single internet interruption occurred at 12:42 on 02-06-25, between 8:31 - 13:09 (momentarily as before). So it will take some time to ascertain the cessation of the torment. Cautiously optimistic Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Wed 4 Jun 2025 4:49 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello, Thank you for the reply. We appreciate you updating us on the issue. We're glad to hear that the internet interruptions have significantly decreased and that you're now experiencing more stable internet sessions. We understand your concern to continue monitoring the situation to ensure the issue has fully resolved. Please let us know if the interruptions recur or if you have any additional questions. Just wanted to let you know that your case status will be set to pending until we receive your update or if you need any further assistance. If we do not receive any response from you within 7 days, an automated email will be sent. If there's still no response by the 15th day, the case will be closed. Thank you and have a great day! Best regards, Rinitha || Customer Service Representative ######################################################### From: (Leo24) Sent: Fri 6 Jun 2025 4:34 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Rinitha wrote: "We're glad to hear that the internet interruptions have significantly decreased and that you're now experiencing more stable internet sessions". • Saboteur interrupted internet, exacerbated on 03-06-25 in the evening, during 19:24 - 21:18 period. MS Edge alerts didn't popup any longer, sabotaged likely. So precise timings of the momentarily tripped internet, couldn't be ascertained. Meanwhile, Google Chrome became inaccessible! Solely a message at the upper left corner of the blank page claimed: "Our systems have detected unusual traffic from your computer network. This page checks to see if it's really you sending the requests, and not a robot". Thus compelling to identify some features on several images within the verifications charade. Declined by me, as no impediments faced at the other browsers. At the end of my internet session, just as I was about to determine data usage by clicking on the "Wireless Network Connection Status" of my Latitude E5540 (Win 7 Pro), I couldn't ascertain the amount of the evolved (in/out) figures, as they reverted to zero. Due to the sadistic saboteur internet interruption at 21:18 on 03-06-25. Worse faired internet session on 05-06-25, during 11:31 - 16:36 period. So we're back to square one, all over again! Clearly, I was taken for a ride on the wild goose chase! No serious attempt was made to resolve the issue. Care to explain, how could a saboteur inflict the ordeal with impunity since Oct 2024? To the detriment of my Latitude E5540 (Win 7 Pro) reliability, besides the torment endured by me. Whilst the targeted internet interruptions cropped-up at will of the imbedded saboteur, virtually breathing down-my-neck. Warranting resolute action to be taken! Mind you, it's a litmus test. Kaspersky's brand is at stake! In reflection on the questionable modus operandi by the IT support. Kaspersky's history and dedication to customers: "Kaspersky began with a simple mission to protect people and businesses from cyberthreats and build a safer world. Our founder, Eugene Kaspersky, believes 'everyone has the right to be free of cybersecurity fears'! And it is this belief that underpins our efforts as a company". Disenchanted Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Sat 7 Jun 2025 1:39 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello Leo24, Thank you for your email. Before we can propose solution or a workaround to the issue you are experiencing, we would need your assistance to share some additional data for further analysis. 1. Open the main Kaspersky application window. 2. Click Customer Service icon in the lower right part of the window. This opens the Customer Service window. 3. Click the Problem recording link to open the Problem recording window. 4. Select the error category: Other. 5. Make sure that Record the screen is checked. If the Record the Screen option is not cheked, clicking the Start recording button only creates a trace file. 6. Click Start recording. The recording indicator is displayed in the upper part of the screen. 7. Reboot the computer. 8. Wait for the "Recording" indicator to appear on the top of your screen and proceed to reproduce the issue. 9. Click on Stop and Save. Recording is stopped and saved in an archive on Desktop. 10. Click Go to archive. This opens an Explorer window at the location of the ZIP archive. The archive contains a screen recording (if it was performed) and traces. 11. Copy the Traces File (SupportTraces-Kaspersky -21.XX....zip) from the Desktop to the Documents folder or any other folder of your choice. 12. Please send the Traces archive to us. Thank you and have a great day. Kind regards, Darwin | Customer Support Representative ######################################################### From: (Leo24) Sent: Wed 11 Jun 2025 1:18 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Darwin wrote: "Copy the Traces File (SupportTraces-Kaspersky -21.XX....zip) from the Desktop to the Documents folder or any other folder of your choice. Please send the Traces archive to us". • Having created ... SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11.zip ... as instructed. Upload failed to KL box ..".Network error"... So, having attempted to attach it herewith. Only to face: "You don't have permission to open this file". Hence I am seeking advice regarding prescribed mode of transfer. Disenchanted Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Thu, 12 Jun 2025 11:45 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Thank you for your reply. You can try to upload them to any freeware file-hosting (DropBox / Filedropper / Google Drive for example) service and send us the download link. If there's any error message or a warning of any kind, please take a screenshot of it and send it to us so we could better understand and identify the issue at hand. In case you need help with that, here's a handy guide about taking screenshots: http://support.kaspersky.com/us/492?cid=pe Thank you and have a nice day! Fawwaz || Customer Service Representative ######################################################### From: (Leo24) Sent: Thu 12 Jun 2025 2:32 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Fawwaz wrote: "You can try to upload them to any freeware file-hosting (DropBox / Filedropper / Google Drive for example) service and send us the download link". • Wait a minute, wouldn't it be a rather reckless to recommend for the customer to share such a private info ... SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11.zip ... (restricted to be open only by the Administrator) ... with the third parties willy-nilly? I don't think so. Therefore, there seems to be no other safe mode of transfer, than to upload it to the Kaspersky's secure internal storage. Terribly letdown Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Fri, 13 Jun 2025 3:03 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Greetings, We are sorry for any inconvenience caused. You can upload the data to trusted cloud storage like Google Drive, OneDrive, Dropbox and etc, since they are trusted. We shall check on the Kaspersky storage issue but we would need a screenshot of the error so we can check further. Best regards. Tines || Customer Service Representative ######################################################### From: (Leo24) Sent: Fri 13 Jun 2025 2:17 PM To: Kaspersky Lab Support Subject: Malicious internet dropouts Tines wrote: "We shall check on the Kaspersky storage issue but we would need a screenshot of the error so we can check further". • Please be informed that the requested ProductTraces folder was uploaded to the KLBox ... https://box.kaspersky.com/u/d/52ce937b4dec475ab82c ... with the professional assistance! Kaspersky Upload files to INC000017508101 shared by: File size should be smaller than 10.2 GB. Drag and drop files or folders here. No file chosen All files uploaded 1/1 Files name size progress state SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11 - Copy.zip 1.2 G Uploaded 13:40 13-Jun-25 ######################################################### From: Kaspersky Lab Support Sent: Fri 13 Jun 2025 9:49 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Dear Leo24, Thank you for providing the requested information. We've forwarded your inquiry to our experts and will contact you as soon as they respond. Thank you, and have a nice day! Ali || Customer Service Representative ######################################################### From: Kaspersky Lab Support Sent: Tue 17 Jun 2025 3:47 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello Leo24, Thank you for your patience throughout this time. Our experts have just replied to us and they're asking if you could help us in getting some additional information? Please clarify the issue. Is it: 1) PC slow performance? 2) Internet speed slower with Kaspersky? 3) Internet speed OK but sometimes internet drops for a while? In this case, how often? For how long? Does the issue related to Kaspersky? 4) Do you suspect your PC is infected? 5) In the provided traces, it shows 40+ minutes of you surfing the internet. What is system time on video when the issue appears? We look forward to hear from you. Thank you and best regards, Isha | Customer Service Representative ######################################################### From: (Leo24) Sent: Sat 21 Jun 2025 11:03 AM To: Kaspersky Lab Support Subject: Malicious internet dropouts Isha wrote on 17-06-25: "Our experts have just replied to us"... in response to the uploaded data for further analysis on 13-06-25 ... SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11 - Copy.zip • Yet the results were not revealed. Instead ..".they're asking if you could help us in getting some additional information"? 1) "PC slow performance"? • Facts speak for themselves as my Latitude E5540 (Intel Core i5-4310U at 2.60 gHz) uploaded 1.2 GB ProductTraces folder to the KL box in 10 minutes. Flawless transfer ended at 13:40 on 13-06-25. Within the internet session, which started before noon and finished at 14:22 (unmonitored on the day). 2) "Internet speed slower with Kaspersky"? • Likely, please provide info - how to uncouple and verify. Currently signal quality: 5 bars. Speed: 72.2 Mbps. As per (Win 7 Pro) wireless network connection status display. 3) "Internet speed OK but sometimes internet drops for a while? In this case, how often? For how long? Does the issue related to Kaspersky"? • Actually, it's impossible to become aware of, without the dedicated device! Due to the momentarily triggered internet interruptions. Mostly occurring within the fraction of a second. Audible alert would help. Any tips? 4) "Do you suspect your PC is infected"? • Well, according to Ali's advice given on Fri, 9 May 2025: "If you have run a full scan and had Kaspersky installed on the device since Oct 2024, it is doubtful that this is caused by anything malicious". 5) "In the provided traces, it shows 40+ minutes of you surfing the internet. What is system time on video when the issue appears"? • To be precise, four hours recording of surfing the internet, derived during 9:27 - 13:33 period on 11-06-25. Depicted within the 1.2 GB ProductTraces folder. Reprehensibly, the four hours internet session was interrupted eleven times, at: 9:38, 9:41, 10:01, 10:04, 10:05, 10:07, 10:28, 10:29, 10:39, 11:24, 13:26. "We look forward to hear from you"! • Likewise, I am eager to hear from you! All about the facts derived from your lengthy investigation into reprehensible deeds - carried out to the detriment of my lappy's reliability - besides the torment inflicted on me. Whilst the malicious internet interruptions cropped-up at will of the imbedded saboteur, virtually breathing down-my-neck. Symbolising a significant indicator that my lappy's reliability was compromised. Terribly letdown Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Sun 22 Jun 2025 5:09 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Hello, We've forwarded your inquiry to our experts, we will get back to you as soon as we hear from them. Thank you and have a nice day! Best regards. Tines || Customer Service Representative ######################################################### From: Kaspersky Lab Support Sent: Wed, 25 Jun 2025 1:42 AM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, I appreciate the patience you have shown. I apologize for my late response. Our Escalation Team have just replied to us with the latest update. Put the following files into password password-protected zip archive and send to us >>> F:\mb-clean-3.1.0.1035.exe D:\setup.EXE C:\Users\Owner\Downloads\PC_Connect3.2.64.01131_release.exe C:\Windows\system32\Tasks\{3D22ECEA-BF69-4F06-ACAE-BC5C0FE5B693} C:\Windows\system32\Tasks\{9D39F01C-87E4-49F7-95F6-C1A9694CBE8C} C:\Windows\system32\Tasks\{FB37A077-D95A-425D-98D4-1A15A0F9BC1D} Please use a third party file archiver such as 7zip (free) or WinRAR (free trial) to create a password protected archive. Select all the files you want to add to the archive, then right-click on one of them, select the name of your file archiver from the menu that appears and then click on "Add to archive". In the options menu that appears, under "Encryption" or "Set Password", enter the password you want to use, and then confirm it. For more help with the usage of these file archiving programs, please consult their respective documentation/online support. Thank you for choosing Kaspersky and have a great day ahead. Tines || Customer Service Representative ######################################################### From: (Leo24) Sent: Mon 30 Jun 2025 10:06 AM To: Kaspersky Lab Support Subject: Malicious internet dropouts Attention customer service representatives! Due to the latest inexplicable demands emailed on 25-06-25, vital to recap the chain of events: Fawwaz announced on 14-05-25: "In order to keep track of the changes performed on your system, we ask you to provide us a new Getsysteminfo report, using the same instructions we sent you previously". Leo replied on 19-05-25: Having created ... GSI6_USERPC_Owner_05_16_2025_18_21_00.zip ... as instructed, I am seeking advice about the prescribed mode of transfer. Rinitha instructed on 20-05-25: You can ... upload it to our secure internal storage using the following link: https://box.kaspersky.com/u/d/52ce937b4dec475ab82c Leo replied on 21-05-25: Hi Rinitha, please proceed to examine ... GSI6_USERPC_Owner_05_21_2025_10_05_56.zip ... uploaded as recommended at ... https://box.kaspersky.com/u/d/52ce937b4dec475ab82c Leo notified on 21-05-25: Unfortunately, network connection status indicator at the notifications bar at the bottom, isn't supplemented by the "internet down" popup on the screen! So in addition to the ruthless email log-in impediment via treacherous verifications ploy, the accompanied internet interruptions compounded torment moreover. With the case in point, the interruptions manifested at least four times on 19-05-25 between 16:18 - 17:48. Ray declared on 22-05-25 at 11:50: "The system information report shows there are no malicious items". Leo appealed on 27-05-25 to Data Protection Officer, concerning: Saboteur inflicted ordeal with impunity. Leo appealed on 31-05-25 to the customer service representatives: Chor, Ali, Fawwaz, Rinitha, Ray ... email log-in impediments were ratchet-up via sadistic verifications charade. Synchronised in unison with the accompanying internet interruptions. Culminating in a futile log-in exertion on 22-05-25, due to the abrogated access to the hotmail accounts this time around. Whilst the bogus "Microsoft Homepage" announced: "We are currently experiencing high demand. Please wait and try again later". Amazingly, Ray's avowal earlier in the day insisted: "The system information report shows there are no malicious items"! Compelling complaint escalation to the attention Data Protection Officer on 27-05-25. Still, internet interruptions persisted on the following day, at: 11:54, 11:58, 11:59, 12:00, 12:01, 12:02, 12:04. During internet session on 28-05-25, between 11:32 - 13:11. Leo notified on 06-06-25: Saboteur interrupted internet, exacerbated on 03-06-25 in the evening, during 19:24 - 21:18. MS Edge alerts didn't popup any longer, sabotaged likely. So precise timings of the momentarily tripped internet, couldn't be ascertained. Meanwhile, Google Chrome became inaccessible. Though, no impediment faced at the other browsers. At the end of internet session, just as I was about to determine the data usage by clicking on the "Wireless Network Connection Status" of my lappy, I couldn't ascertain the amount, as it reverted to zero. Due to the sadistic saboteur internet interruption on 03-06-25 at 21:18. Worse faired my internet session next day, during 11:31 - 16:36 on 05-06-25. Darwin announced on 07-06-25 at 13:39: "Before we can propose solution or a workaround to the issue you are experiencing, we would need your assistance to share some additional data for further analysis". Leo replied on 11-06-25: Having created ... SupportTraces-Kaspersky Standard-21.21.7.384-2025-6-11-12-24-11.zip ... as instructed. Upload failed at the KL box ... Hence I am seeking advice regarding prescribed mode of transfer. Fawwaz instructed on 12-06-25 at 11:45: "You can try to upload them to any freeware file-hosting (DropBox / Filedropper / Google Drive for example) service and send us the download link". Leo replied on 12-06-25 at 14:32: Wait a minute, wouldn't it be a rather reckless to recommend for the customer to share such a private info with the third parties willy-nilly? I don't think so. Therefore, there seems to be no other safe mode of transfer, than to upload it to the Kaspersky's secure internal storage. Tines persevered on 13-06-25 at 03:03: "We shall check on the Kaspersky storage issue but we would need a screenshot of the error so we can check further" (in reality, the encrypted ProductTraces folder, required professional tweak, before the upload its 2.1 GB copy). Consequently, Leo confirmed on 13-06-25 at 14:17: Please be informed that the requested ProductTraces folder was uploaded flawlessly on 13-06-25 at 13:40 to the KLBox ... https://box.kaspersky.com/u/d/52ce937b4dec475ab82c ... with the professional assistance! Ali replied on 13-06-25 at 21:49: Thank you for providing the requested information. We've forwarded your inquiry to our experts and will contact you as soon as they respond. Isha persevered on 17-06-25: "Our experts have just replied to us and they're asking if you could help us in getting some additional information". Consequently, Leo replied on 21-06-25 to all the raised questions: 1) "PC slow performance"? • Facts speak for themselves as my Latitude E5540 (Intel Core i5-4310U at 2.60 gHz) uploaded 1.2 GB ProductTraces folder to the KL box in 10 minutes. Flawless transfer ended on 13-06-25 at 13:40. Within the internet session, which started before noon and finished at 14:22 (unmonitored on the day). 2) "Internet speed slower with Kaspersky"? • Likely, please provide info - how to uncouple and verify. Currently signal quality: 5 bars. Speed: 72.2 - 300 Mbps. As per (Win 7 Pro) wireless network connection status display. 3) "Internet speed OK but sometimes internet drops for a while? In this case, how often? For how long? Does the issue related to Kaspersky"? • Actually, it's impossible to become aware of, without the dedicated device! Due to the momentarily triggered internet interruptions. Mostly occurring within the fraction of a second. Audible alert would help. Any tips? 4) "Do you suspect your PC is infected"? • Well, according to Ali's advice given on Fri, 9 May 2025: "If you have run a full scan and had Kaspersky installed on the device since Oct 2024, it is doubtful that this is caused by anything malicious". 5) "In the provided traces, it shows 40+ minutes of you surfing the internet. What is system time on video when the issue appears"? • To be precise, four hours recording of surfing the internet, derived on 11-06-25 during 9:27 - 13:33. Depicted within the 1.2 GB ProductTraces folder. Reprehensibly, the four hours internet session was interrupted eleven times, at: 9:38, 9:41, 10:01, 10:04, 10:05, 10:07, 10:28, 10:29, 10:39, 11:24, 13:26. "We look forward to hear from you"! • Likewise, I am eager to hear from you! All about the facts derived from your lengthy investigation into reprehensible deeds - carried out to the detriment of my lappy's reliability - besides the torment inflicted on me. Whilst the malicious internet interruptions cropped-up at will of the imbedded saboteur, virtually breathing down-my-neck. Symbolising a significant indicator that my lappy's reliability was compromised. Next day, Tines replied on 22-06-25: "Hello, we've forwarded your inquiry to our experts, we will get back to you as soon as we hear from them". Oddly though topic's title: Malicious internet dropouts, gone from the subject line, beset by "Kaspersky Technical Support - ID INC000017508101". A few days later, Tines persevered on 25-06-25: "I appreciate the patience you have shown. I apologize for my late response. Our Escalation Team have just replied to us with the latest update. Put the following files into password-protected zip archive and send to us". • Are you serious? Any idea, what it's all about? Have a go, enlighten me! Yet an another attempt to derail the inquiry? Lacking interim finding, whatsoever. No result of the analysis by experts ever revealed. Whist the depicted facts in my emails were ignored entirely. In spite of the answered all the requests in the received emails. Copies of which, remained always beneath my replies, in a prescribed manner. Sadly, disrupted by the customer service representatives detached emails. How to continue an email thread? Continuing an email thread refers to the practice of replying to an existing email message while keeping the previous conversation intact. This method allows for a seamless flow of communication, as it keeps all related information in one consolidated thread. By utilizing the appropriate email etiquette, individuals can effectively continue an email thread while adding new information, addressing queries, or providing updates. When continuing an email thread, it is crucial to follow a few best practices: Firstly, it is essential to maintain the subject line of the email, as this provides context to all recipients and helps them identify the ongoing conversation. Ideally, the subject line should be concise, relevant, and accurately reflect the content of the email. Furthermore, when continuing an email thread, it is crucial to address all points raised in the previous email. This ensures that the conversation progresses smoothly and that no important aspects are overlooked. By systematically addressing each point, recipients can easily follow the discussion and provide appropriate responses ... https://www.usebouncer.com/knowledge-base/how-to-continue-an-email-thread Terribly letdown Leo24 https://forum.kaspersky.com/topic/kernel32dll-51818/#comments ######################################################### From: Kaspersky Lab Support Sent: Mon 30/06/2025 10:07 PM To: You (Leo24) Subject: Malicious internet dropouts Dear customer, Dear Leo24, Sorry for any inconvenience caused. The trace logs show 40+ minutes of you surfing the internet; everything seems normal. Our experts requested the files to investigate your concerns about something malicious causing the network drop-out issue. Again, to recap, please provide the following in a password-protected archive: F:\mb-clean-3.1.0.1035.exe D:\setup.EXE C:\Users\Owner\Downloads\PC_Connect3.2.64.01131_release.exe C:\Windows\system32\Tasks\{3D22ECEA-BF69-4F06-ACAE-BC5C0FE5B693} C:\Windows\system32\Tasks\{9D39F01C-87E4-49F7-95F6-C1A9694CBE8C} C:\Windows\system32\Tasks\{FB37A077-D95A-425D-98D4-1A15A0F9BC1D} Password suggestion: infected. We are looking forward to hearing from you. Don't hesitate to contact us for any assistance. Ali || Customer Service Representative To reply to this request, you can simply reply to this e-mail leaving the subject line unchanged. If we do not receive a response from you within 7 days, your request will be considered resolved by our system. If you would like us to leave your request open, you can simply let us know by replying to this e-mail or sending a new reply through My Kaspersky. We have obtained your personal data from you directly. The provided data will only be used for the provision of technical support and will be processed and protected in accordance with Kaspersky Data Privacy Statement for technical support. Should you have any questions about Kaspersky privacy practices or if you would like us to update information or preferences you provided to us, please contact our Data Protection Officer. AO Kaspersky Lab, bldg. 3, 39A, Leningradskoe Shosse, Moscow, 125212, Russian Federation. The representative of AO Kaspersky Lab in EU is Kaspersky Labs GmbH, Schloßlände 26, 85049 Ingolstadt, Germany.

Since the new update it's been pretty chaotic. This update (21.23.6.614-2) introduced WireGuard-based VPN tunneling for improved speed and stability but it also seems to have broken DNS resolution. I have Android and windows devices with this VPN and they all have the same problem. If you are comfortable, you can try changing the DNS with 1.1.1.1 and/or 8.8.8.8 on the Kaspersky VPN WG Nt Adapter Tunnel to test it out. BUT I do not recommend this as a work around as this may leave you vulnerable for data leak. Make sure you let support know by creating a ticket and mention the known issue for version 21.23.6.614-2

Gib es schon Neuigkeiten zu dem VPN Problem? Vielleicht ein Update seitens Kaspersky? Seit Ende November habe ich immer noch kein VPN. Ich kann mich mit keinem Server verbinden und das an allen meinen Rechnern. Habe schon mehrmals beide VPN Programm Versionen ausprobiert: 21.23.6.614-1(a) und 21.23.6.614-2(a) Mein Microsoft Edge und Google Chrome Browser meldet immer noch: ERR_TIMED_OUT Gruß Jan

Thank you for the detailed feedback. Our downloadable Windows tool is also EV code-signed, so if an older unsigned build was involved in the initial detection, it has now been replaced with the clean, signed version. I rescanned the site and the current homepage HTML (SHA-256: 8bc821aca2333a7f3687b2c97aa43cfe63606208570e4e58a4ace734e8ec1f6a) shows 0/61 detections. Could Kaspersky Virus Lab please re-analyse the current version of https://metehanreset.com/ and update the classification if it is now clean? This is a small commercial site for printer maintenance tools and the “Botnet C&C / malware” label is seriously affecting my business. Thank you in advance.

Hello @Clark Welcome back! Correct for both. We submitted a request to update the documentation to reflect Kaspersky Free significant changes - Kaspersky refused stating the product is no longer supported. 🙄 Thank you🙏 Flood🐳+🐋

Hello if your remaining activation code expire. than what will likely to happen: Kaspersky software is highly unlikely to auto renew your activation time. so you cannot perform a databases update after activation expire. and antivirus function stop working. you cannot use the program anymore. you can only choose to uninstall it or buy a subscription.

Update + Patience + Wait = Success Backup Recovery *for files less than 1TB

Hallo @Benjel, ohne Versionsnummer im Name kann KL stets den selben Downloadlink verwenden und Du landest automatisch bei der letzten verfügbaren Version. Machen wir hier im Forum auch. Wichtig in Deinem Fall ist der erste Teil der Versionsnummer: 11.129. Der Rest ist nicht ganz so wichtig. Die Androidversionen melden sich seit der 126, wenn es ein neues Update gibt und bieten die Installation an.

I just update it to 11.129.4.146969-1 everything works fine. I thought it just updating by itself

@pok You are welcome. Above screenshots have been generated on a Dutch version , i am running as well on another iPhone the English version with following available options : Security Databases Security Scan VPN Safe Money Phishing & Malware filter Anti-Banner Private Browsing Smart Home Monitor Safe Kids Social Privacy Data Leak Checker Password Safety Wi-Fi Security Check Which version are you running , if needed please update on the App Store ? Kaspersky Technical Support is suggesting " If needed, try reactivating your license by signing in to your MyKaspersky account and see if the issue persists. Kindly update us on the results. " ⚠️ Also , please disconnect and reconnect the app from My Kaspersky ? On my side the problem was spontaneously fixed without any intervention, on all my devices i got prompted with "All limitations are removed " If no fix , Kaspersky Technical Support is your best option.

Administrator receives the notification about outdated anti-spam (AS) and/or anti-virus (AV) bases because a large time interval for updating AS and/or AV databases is set (every 5 hours or more for AS and every 24 hours or more for AV). Anti-spam and anti-virus bases should be updated much more often. Accordingly, Kaspersky Security Center should also update anti-spam and anti-virus bases more frequently. The best way is to update anti-spam bases directly via Internet from Kaspersky Update servers every 5 minutes. Anti-virus bases should be updated every 1 hour. If it is not possible, try to update Kaspersky Security Center and Kaspersky Security for Microsoft Exchange anti-spam bases every 30 minutes or every 1 hour, but in this case you should not expect a high spam detection rate.

In order to upgrade KATA from 3.7.2 to 4.0 > 4.1 > 5.0 > 5.1 > 6.0 please follow the manual below. Step-by-step guide Prior to PCN upgrade you have to disconnect all Sensors, SCNs and Sandboxes. After upgrade Sandboxes and Sensors must be reinstalled, disconnected SCNs – upgrade to 4.0 and 4.1 and then reconnect them to PCN. Upgrade order described here - https://support.kaspersky.com/KATA/4.0/en-US/198801.htm Information which is kept during upgrade - https://support.kaspersky.com/KATA/4.0/en-US/227848.htm Contents of backup - https://support.kaspersky.com/KATA/4.0/en-US/198854.htm NB! Events database is not being transferred if you want to restore backup to new installation (e.g. new physical or virtual server). System requirements are the same for 3.7.2 and 4.0/4.1, so if 3.7.2 installation matches the requirements, you can upgrade keeping the same hardware/VM configuration - https://support.kaspersky.com/KATA/4.0/en-US/194861.htm For upgrade you don’t need .ktgz archives, only the ISO file. Pre-upgrade recommendations This recommendation is optional for vanilla 3.7.2, and it's a must for 3.7.2 PF1 Before upgrading KATA 3.7.2 to KATA4, copy and run this script. Run it as root: python /var/opt/kaspersky/apt/files/kata4-preupgrade-checker.py Expected result for vanilla 3.7.2: In case any issues arise, please contact Kaspersky support, and provide script output as shown on screenshot above and this script log, the script shows log location upon completion: /data/kata4-preupgrade-checker.log Upgrade order Create backup of CN and do the manual backup of /var/opt/kaspersky/apt-preprocessor/preprocessor.conf (from CN and sensors, especially if tuning was made at sensors). Mount installation ISO to KATA VM or boot from drive with ISO, if a server is physical. Select Install Kaspersky Anti Targeted Attack Platform. Select Disk marked as [upgrade] and press Enter. Select Upgrade and press Enter Select Upgrade again and press Enter Wait for the completion and check at WEB UI, that there are no errors / issues / etc. Storage migration is a lengthy procedure and may take many hours, depending on the installation. No visual indication of progress is provided, but it's not frozen. Perform a backup of 4.0 The upgrade procedure from 4.0 up to 4.1 is pretty much the same, you have to map ISO and boot from it, select disk marked as [upgrade], proceed, make a backup of 4.1 Upgrade procedure from 4.1 to 5.0 is described here. Before updating the product from version 4.1 to version 5.0, check which boot mode is used on the server (BIOS or UEFI). If UEFI is used, the update will fail. To avoid this, you need to update from a special KATA 5.0 image which can be provided by Kaspersky Support. Before upgrade DISABLE NTP on 4.1 Information which is kept during upgrade. 1) You can obtain file upgrade_preparation-1.0-py3-none-any.whl in kata-cn-5.0.0-5201-inst.x86_64_en-ru.iso, just mount it in Windows, go to support folder, copy this file and put it to /tmp via WinSCP to your KATA 4.1. 2) Proceed with steps described in Online help After mounting ISO and running from it you will be prompted to say y + ENTER to upgrade Then press ENTER, read EULA and select "I accept" Then you have two options: leave cluster and bridge/overlay subnets by default (just by pressing ENTER in windows below) or you can change them as you want (especially if these subnets crossover with your infrastructure subnets) Upgrade procedure can take a while, after that you'll be prompted to choose management interface, enter it's details again Enter password for admin Configure DNS servers and press ENTER Enable SPAN capturing by typing y or skip this step as n and press ENTER (you can do it later after upgrade). Don't forget to read this article, kindly pay attention to section "Special considerations for upgrading Kaspersky Anti Targeted Attack Platform from version 4.1 to version 5.0" After upgrade you have to perform initial configuration of KATA via web interface using admin (with Local administrator checkbox) credentials being set up during upgrade, please refer to https://support.kaspersky.com/KATA/5.0/en-US/242580.htm and https://support.kaspersky.com/KATA/5.0/en-US/240726.htm Once the configuration is completed, it's possible to log in to Web UI as regular local admin: use Administrator/Administrator login and password, "Local administrator" checkbox must be enabled, too. Change the password for Administrator user and proceed with adding license, creating users etc. Upgrade procedure from 5.0 to 5.1 is described here. Step-by-step guide of upgrade is here. Information kept during upgrade is here. According to KB you have to upload upgrade.tar.gz to /data/upgrade But first, you have to create this directory and set permissions to it to be able to upload upgrade package via WinSCP (in this example we use chmod 777 as an ultimate set of rights, you can use another set) mkdir /data/upgrade chmod 777 /data/upgrade After that upload upgrade.tar.gz to /data/upgrade via WinSCP and unarchive it cd /data/upgrade tar xvf upgrade.tar.gz Give executive permissions to script install_kata_upgrade.sh and install pre-upgrade package Execute as root chmod +x /data/upgrade/install_kata_upgrade.sh sh install_kata_upgrade.sh You'll see this And finally run upgrade (use admin user credentials which you use for ssh) kata-upgrade --data-dir /data/upgrade --user admin --password 'passw@rd' In a while you should receive message about successful upgrade . Upgrade procedure from 5.1 Ubuntu to 6.0 Ubuntu is described HERE Step-by-step guide of upgrade is HERE Information kept during upgrade is HERE Upload kata-cn-ubuntu-upgrade-6.0.0-200-x86_64_en-ru.tar.gz via WinSCP to /home/admin Unpack it to /data by command tar xvf /home/admin/kata-cn-ubuntu-upgrade-6.0.0-200-x86_64_en-ru.tar.gz -C /data/ Install the upgrade package by running the following commands cd /data/upgrade/ chmod +x ./install_kata_upgrade.sh ./install_kata_upgrade.sh Install the upgrade by running the following commands source /tmp/upgrade-venv/venv/bin/activate kata-upgrade --data-dir /data/upgrade/ --password <password specified during component installation> If the password contains special characters, the password variable must be specified in the following format: --password '<password>' Mount the iso image of Kaspersky Anti Targeted Attack Platform version 6.0 and restart the server In the GRUB menu, select Upgrade KATA 5.1 Accept EULA Confirm upgrade Wait for completion, don't forget to remove ISO or ensure that after reboot KATA boots from local disk. Done. Known problem: during upgrade to 6.0 upgrade script may fail With the following error: 2024-10-21 10:56:16,664.664 [kata_upgrade.tasks.upgrade_base_task][ERROR] Upgrade task " (UpdateDeploymentServices)" completed with an error, elapsed time: 191.07 sec Traceback (most recent call last): File "/tmp/upgrade-venv/venv/lib/python3.11/site-packages/etcd3/client.py", line 46, in handler return f(*args, **kwargs) ^^^^^^^^^^^^^^^^^^ File "/tmp/upgrade-venv/venv/lib/python3.11/site-packages/etcd3/client.py", line 257, in get_response return self.kvstub.Range( ^^^^^^^^^^^^^^^^^^ File "/tmp/upgrade-venv/venv/lib/python3.11/site-packages/grpc/_channel.py", line 1161, in __call__ return _end_unary_response_blocking(state, call, False, None) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/tmp/upgrade-venv/venv/lib/python3.11/site-packages/grpc/_channel.py", line 1004, in _end_unary_response_blocking raise _InactiveRpcError(state) # pytype: disable=not-instantiable ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with: status = StatusCode.UNAVAILABLE details = "DNS resolution failed for etcd.dyn.kata:2379: C-ares status is not ARES_SUCCESS qtype=A name=etcd.dyn.kata is_balancer=0: Timeout while contacting DNS servers" debug_error_string = "UNKNOWN:DNS resolution failed for etcd.dyn.kata:2379: C-ares status is not ARES_SUCCESS qtype=A name=etcd.dyn.kata is_balancer=0: Timeout while contacting DNS servers {grpc_status:14, created_time:"2024-10-21T10:56:16.663456976+00:00"}" > After which web interface is not be accessible with Administrator credentials. Solution: Login to web interface using admin credentials (not Administrator) If current sizing by Endpoint Agents is not 0 then remember current value and set it to 0. If this setting cannot be applied because there are 0s for other integrations then set mail to 1. For example: Would be changed to Apply this configuration, login back with admin credentials and configure original values back: The point is to zero out any single of the integrations and then configure it back to original value, so depending on original configuration you may need to zero out other integration instead of Endpoint Agents. After this login to web interface with Administrator should work. Do that and wait till all errors in dashboard are cleared. Now you can restart upgrade script from step 5: sudo -i cd /data/upgrade/ ./install_kata_upgrade.sh source /tmp/upgrade-venv/venv/bin/activate kata-upgrade --data-dir /data/upgrade/ --password ... --current-task-index 5 Known problem: during upgrade to 6.0 when booting to iso an error is displayed: File /mnt/debconf_menu_answers.ini not found Possible causes: Upgrade script that was running before reboot did not finish successfully. Check logs in /var/log/kaspersky/installation/. It is safe to boot not from iso at this point to check that log. In case script failed (but not like above) escalate incident. Wrong partitioning of /dev/sda, where there is sda4 instead of sda3. Check output of lsblk -o NAME /dev/sda Correct output: # lsblk -o NAME /dev/sda NAME sda ├─sda1 ├─sda2 └─sda3 Wrong output: # lsblk -o NAME /dev/sda NAME sda ├─sda1 ├─sda2 └─sda4 Solution: $ sudo -i 1) Create partition table backup # sfdisk -d /dev/sda > sda.bkp # cp sda.bkp sda.new 2) Edit partition table file # vi sda.new 3) Enter edit mode by pressing "i" and change /dev/sda4 to /dev/sda3 For example if you have Change the number 4 to 3. Nothing else should be changed in the file! To save press ESC then :wq! and Enter. Apply new partition table # sfdisk --no-reread -f /dev/sda < sda.new Now you can boot from iso and continue upgrade. Upgrade procedure from 5.1 Ubuntu to 6.0 Astra is described below Installation is described here https://support.kaspersky.ru/KATA/6.0/en-US/243480.htm But, we have some differences here Upload kata-cn-astra-upgrade-6.0.0-200-x86_64_en-ru.tar.gz to /data Then move to *****@*****.tld:~# cd /data Execute tar xvf /data/kata-cn-astra-upgrade-6.0.0-200-x86_64_en-ru.tar.gz -C /data/ Execute cd /data/upgrade/ chmod +x ./install_kata_upgrade.sh source /tmp/upgrade-venv/venv/bin/activate kata-upgrade --data-dir /data/upgrade/ --password <password of the 'admin' user> Mount the iso image of Kaspersky Anti Targeted Attack Platform version 6.0 and restart the server. You have to start server from mounted ISO and select "Upgrade KATA 5.1 server" Proceed That's it, you've upgraded your 5.1 Ubuntu to 6.0 Astra Upgrade procedure from 6.0 to 6.1 is below https://support.kaspersky.com/help/KATA/6.1/en-US/246850.htm It considers upgrade from 6.0 or 6.0.1 directly to 6.0.2 - https://support.kaspersky.com/KATA/6.0/en-US/271957.htm, to 6.0.3, and finally to 6.1 - https://support.kaspersky.com/help/KATA/6.1/en-US/243480.htm 6.0 > 6.0.1 Upload upgrade.tar.gz to /home/admin directory Execute following commands below root@1.srv.node1.node.dyn.kata:~# mv /home/admin/upgrade.tar.gz /data/ root@1.srv.node1.node.dyn.kata:~# tar xvf /data/upgrade.tar.gz -C /data/ upgrade/ upgrade/images.tar.gz upgrade/install_kata_upgrade.sh upgrade/kata_license-1.0-py3-none-any.whl upgrade/kata_upgrade-1.0-py3-none-any.whl upgrade/ubuntu_image_versions.json upgrade/updates/ upgrade/updates/Packages.gz upgrade/updates/glibc_2.35-0ubuntu3.6.debian.tar.xz upgrade/updates/glibc_2.35-0ubuntu3.6.dsc upgrade/updates/glibc_2.35.orig.tar.xz upgrade/updates/glibc_2.35.orig.tar.xz.asc upgrade/updates/libc-bin_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc-dev-bin_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc-devtools_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc6-dev_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc6_2.35-0ubuntu3.6_amd64.deb root@1.srv.node1.node.dyn.kata:~# cd /data/upgrade/ root@1.srv.node1.node.dyn.kata:/data/upgrade# chmod +x ./install_kata_upgrade.sh root@1.srv.node1.node.dyn.kata:/data/upgrade# ./install_kata_upgrade.sh Processing ./kata_license-1.0-py3-none-any.whl Installing collected packages: kata-license Attempting uninstall: kata-license Found existing installation: kata-license 1.0 Uninstalling kata-license-1.0: Successfully uninstalled kata-license-1.0 Successfully installed kata-license-1.0 WARNING: There was an error checking the latest version of pip. Processing ./kata_upgrade-1.0-py3-none-any.whl Installing collected packages: kata-upgrade Successfully installed kata-upgrade-1.0 WARNING: There was an error checking the latest version of pip. Installation was successful! Then execute and wait until completion kata-upgrade --data-dir /data/upgrade/ --password <password of the 'admin' user> <<<<<<<< use ' ' symbols if special symbols are presented in password ............................................................................................................................................................ 2024-09-10 15:46:02,038.38 [kata_upgrade.context.ssh_execution_context][INFO] manager.cluster.dyn.kata: Closed ssh session 2024-09-10 15:46:02,038.38 [kata_upgrade.tasks.upgrade_base_task][INFO] Upgrade task "Update product stack sizing via management api (UpdateSizing)" completed successfully, elapsed time: 896.77 sec 2024-09-10 15:46:02,039.39 [kata_upgrade.updater.updater][INFO] WARNING: Please close all current user sessions to complete the upgrade process. Patch 6.0.1 is installed, you can check it at web UI 6.0.1 > 6.0.2 Upload kata-cn-upgrade-6.0.2-x86_64_en-ru.tar.gz to /home/admin directory Execute following commands below root@1.srv.node1.node.dyn.kata:/data/upgrade# mv /home/admin/kata-cn-upgrade-6.0.2-x86_64_en-ru.tar.gz /data/ root@1.srv.node1.node.dyn.kata:/data/upgrade# tar xvf /data/kata-cn-upgrade-6.0.2-x86_64_en-ru.tar.gz -C /data/ upgrade/ upgrade/images.tar.gz upgrade/install_kata_upgrade.sh upgrade/kata_license-1.0-py3-none-any.whl upgrade/kata_upgrade-1.0-py3-none-any.whl upgrade/ubuntu_image_versions.json upgrade/updates/ upgrade/updates/Packages.gz upgrade/updates/glibc_2.35-0ubuntu3.6.debian.tar.xz upgrade/updates/glibc_2.35-0ubuntu3.6.dsc upgrade/updates/glibc_2.35.orig.tar.xz upgrade/updates/glibc_2.35.orig.tar.xz.asc upgrade/updates/libc-bin_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc-dev-bin_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc-devtools_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc6-dev_2.35-0ubuntu3.6_amd64.deb upgrade/updates/libc6_2.35-0ubuntu3.6_amd64.deb root@1.srv.node1.node.dyn.kata:/data/upgrade# cd /data/upgrade/ root@1.srv.node1.node.dyn.kata:/data/upgrade# chmod +x ./install_kata_upgrade.sh root@1.srv.node1.node.dyn.kata:/data/upgrade# ./install_kata_upgrade.sh Processing ./kata_license-1.0-py3-none-any.whl Installing collected packages: kata-license Attempting uninstall: kata-license Found existing installation: kata-license 1.0 Uninstalling kata-license-1.0: Successfully uninstalled kata-license-1.0 Successfully installed kata-license-1.0 WARNING: There was an error checking the latest version of pip. Processing ./kata_upgrade-1.0-py3-none-any.whl Installing collected packages: kata-upgrade Attempting uninstall: kata-upgrade Found existing installation: kata-upgrade 1.0 Uninstalling kata-upgrade-1.0: Successfully uninstalled kata-upgrade-1.0 Successfully installed kata-upgrade-1.0 WARNING: There was an error checking the latest version of pip. Installation was successful! Then execute and wait until completion kata-upgrade --data-dir /data/upgrade/ --password <password of the 'admin' user> <<<<<<<< use ' ' symbols if special symbols are presented in password ............................................................................................................................................................ 2024-09-10 16:47:24,839.839 [kata_upgrade.context.ssh_execution_context][INFO] manager.cluster.dyn.kata: Closed ssh session 2024-09-10 16:47:24,839.839 [kata_upgrade.tasks.upgrade_base_task][INFO] Upgrade task "Update product stack sizing via management api (UpdateSizing)" completed successfully, elapsed time: 902.25 sec 2024-09-10 16:47:24,840.840 [kata_upgrade.updater.updater][INFO] WARNING: Please close all current user sessions to complete the upgrade process. Patch 6.0.2 is installed, you can check it at web UI 6.0.2 > 6.0.3 https://support.kaspersky.com/KATA/6.0/en-US/286625.htm Upload kata-cn-upgrade-6.0.3.sh to /home/admin Execute following commands below root@1.srv.node1.node.dyn.kata:/data/upgrade# chmod +x /home/admin/kata-cn-upgrade-6.0.3.sh root@1.srv.node1.node.dyn.kata:/data/upgrade# cd /home/admin/ root@1.srv.node1.node.dyn.kata:/home/admin# sh kata-cn-upgrade-6.0.3.sh Check that there are no errors like this root@1.srv.node1.node.dyn.kata:/home/admin# cat /tmp/ks_check_klava_patch.log before total 1016 -rwxr-xr-x 1 root root 561 Nov 15 2023 check_aapt -rwxr-xr-x 1 root root 306 Nov 16 2023 check_aptfr -rwxr-xr-x 1 root root 1592 Nov 15 2023 check_aptfs -rwxr-xr-x 1 root root 1860 Nov 15 2023 check_aptsn -rwxr-xr-x 1 kluser klusers 1011432 Oct 20 2023 check_hips2 -rwxr-xr-x 1 root root 287 Nov 16 2023 check_ksn -rwxr-xr-x 1 root root 409 Nov 15 2023 dispatcher -rwxr-xr-x 1 root root 1315 Nov 16 2023 validate_ioa_rules after total 1016 -rwxr-xr-x 1 root root 561 Nov 15 2023 check_aapt -rwxr-xr-x 1 root root 306 Nov 16 2023 check_aptfr -rwxr-xr-x 1 root root 1592 Nov 15 2023 check_aptfs -rwxr-xr-x 1 root root 1860 Nov 15 2023 check_aptsn -rwxr-xr-x 1 kluser klusers 1011432 Oct 20 2023 check_hips2 lrwxrwxrwx 1 root root 50 Sep 10 16:56 check_klava -> /opt/kaspersky/apt-scan-server/libexec/check_klava -rwxr-xr-x 1 root root 287 Nov 16 2023 check_ksn -rwxr-xr-x 1 root root 409 Nov 15 2023 dispatcher -rwxr-xr-x 1 root root 1315 Nov 16 2023 validate_ioa_rules Patch 6.0.3 is installed, it doesn't change version of product at web UI 6.0.3 > 6.1 Please follow https://support.kaspersky.com/help/KATA/6.1/en-US/243480.htm Known problem: after upgrade to 6.1 kata-collect is not found This is related not only to kata-collect console utility but also other internal console utilities Solution: $ sudo -i Edit /etc/bash.bashrc file # vi /etc/bash.bashrc Enter edit mode by pressing "i" and insert the following line in the very beginning: source /opt/venv/bin/activate Like so: To save press ESC then :wq! and Enter. After that reconnect to server via SSH. Known problem: no space on / at 6.1 sensor nodes after installation Cause: If you do not select any network interface as SPAN then suricata crashes constantly generating core files. To prevent this select at least one network interface for SPAN on sensor nodes. Solution if the problem already occured: Reinstall. Select at least one network interface for SPAN (Program settings → Configure traffic capture → Setup capture interfaces → Mark at least one network interface) If reinstallation is difficult and / is already full and you cannot get into preprocessor_span container to check its / content then: Select at least one network interface for SPAN. Change dir to docker container MergedDir *****@*****.tldr:~# cd $(docker inspect $(docker ps | grep preprocessor_span | awk '{print $1}') | grep Merged | awk -F\" '{print $4}') *****@*****.tldr:/var/lib/docker/overlay2/c3028dde07229aa8fc6f37b7ac2e04b454765b1b015ec9303ac1a35c38ffda38/merged# Check listing, it should contain a lot of core files *****@*****.tldr:/var/lib/docker/overlay2/c3028dde07229aa8fc6f37b7ac2e04b454765b1b015ec9303ac1a35c38ffda38/merged# ls -la | head -20 total 60596 drwxr-xr-x 2 root root 4096 May 18 09:36 drwxr-xr-x 1 root root 4096 Oct 24 11:12 . drwx--x--- 5 root root 4096 Oct 22 14:21 .. drwxr-xr-x 1 root root 4096 Oct 22 14:58 application lrwxrwxrwx 1 root root 7 Apr 25 2023 bin -> usr/bin drwxr-xr-x 2 root root 4096 Apr 18 2022 boot -rw------- 1 root root 11939840 Oct 24 11:10 core.103983 -rw------- 1 root root 11939840 Oct 24 11:10 core.103985 -rw------- 1 root root 11939840 Oct 24 11:10 core.103987 -rw------- 1 root root 11939840 Oct 24 11:10 core.103989 -rw------- 1 root root 11939840 Oct 24 11:10 core.103991 -rw------- 1 root root 11939840 Oct 24 11:10 core.103993 -rw------- 1 root root 11939840 Oct 24 11:10 core.104001 -rw------- 1 root root 11939840 Oct 24 11:10 core.104008 -rw------- 1 root root 11939840 Oct 24 11:10 core.104010 -rw------- 1 root root 11939840 Oct 24 11:10 core.104017 -rw------- 1 root root 11939840 Oct 24 11:10 core.104025 -rw------- 1 root root 11939840 Oct 24 11:11 core.104027 -rw------- 1 root root 11939840 Oct 24 11:11 core.104033 Remove them like so (make sure no unnecessary spaces are in the rm command) *****@*****.tldr:/var/lib/docker/overlay2/c3028dde07229aa8fc6f37b7ac2e04b454765b1b015ec9303ac1a35c38ffda38/merged# rm -f ./core.[0-9]* Reboot

Hi @Rob in Toronto, as Harlan4096 mentioned, please make sure to update Kaspersky VPN to the latest version and then recheck. If the issue persists with the latest version (21.23) please clarify, are you located in Canada? The issue occurs with any VPN country? What is the name of the Internet Service Provider?

Does Kaspersky still recommend setting Core Isolation i.e. Memory Integrity to ON? I have just installed Win 11 as update and Memory Integrity and Microsoft Driver List are set to off presumably by my already installed Kaspersky (Standard) Many thanks