Kaspersky Premium (shows as unsigned)

Hi,

SS15 shows many of kaspersky module as unsigned. when i contacted kaspersky, they said all their product as signed. any advise?


Thanks

2 Likes

If you paste the hash into VirusTotal what does it show?

If you go to the location of the executable (use SpyShelter to do so) then check its properties, is it signed?

Hi,

I just checked Kaspersky Password Manager’s properties and it does shows digital signature
I am attaching snapshot.

signature

BR

@rizwansiddiqui

If you go to the SpyShelter “About” window, what version do you have? Click the top right settings icon, then choose “About”.

SS Version 15.1.0.567

Could you email us one of the executables zipped maybe, or get it to us by using a cloud service? Of course none of your private info is needed, we just need a Kaspersky .exe alone.

You could also post all the hashes of these with the exe name next to each one. SpyShelter has hashes in the info drawer. Having the full .exe would help us the most, but hashes may help too.

This info will help us investigate further to see if the certificate could be revoked for example. @rizwansiddiqui

Please find below hash for Kaspersky Native Messaging Server

7B51E4684D2A447BD90922ABC377487A5D0A1E6D

1 Like

|Kaspersky Native Messaging Server - 7B51E4684D2A447BD90922ABC377487A5D0A1E6D

|Kaspersky Password Manager Isolation Loader - BA78A05BF314830E014340430F79AFC9B1C8D104
|Kaspersky Password Manager - 1CB801FECF05C93D64F5E84FA6CC565263CE823E
|Kaspersky - 7121C479722CD5C9F6A8577BBF33F85427F8E642
|Kaspersky Lab Launcher - E49EBE26608FE4910A8636CEC9FC3D6976880EC0
|Kaspersky Password Manager Service - 8A34B8899C024EDDE73A2869D0542AAA65386E20

1 Like

Thank you. We will try to figure out how this “unsigned” designation is possible inside SpyShelter.

When we search these executables on VirusTotal.com it doesn’t seem to show them as unsigned there.

Hi,

This is latest prompt received today from SS

Hash# 5F1E38053FB72D8C4F8ED8BE53FF25A3C0ABF3DE

Screenshot 2024-07-02 215945

Thanks
Br

1 Like

Sorry for the issue. It should be solved in the next release.

1 Like

The issue is still not resolved. any update? Today during KIS update i get multiple prompts with “Publisher: Unknown”

If you go to that executable (use SpyShelter’s Path feature and click the link) and then right click the .exe and choose properties, is it signed?

If you go to SpyShelter’s top right cog menu then choose “About” what version do you have?

@rizwansiddiqui

Just checking in on the questions above? Mentioning you, in case you didn’t see my response.

Files are digitally signed. SS 15.2.0.801

Screenshot 2024-11-14 192157

1 Like

Sorry again for the issue.

We will set up a virtual machine where we’re running the Kaspersky software so we can try to recreate this.

Is it possible the certificates could somehow be revoked due to the US embargo on Kaspersky? We searched online and did not find this to be an issue, but this problem hasn’t come up before with SpyShelter so we’re not sure what’s going on.

We’ll continue to try to reproduce the issue. Thanks for reporting it.