Hi,
SS15 shows many of kaspersky module as unsigned. when i contacted kaspersky, they said all their product as signed. any advise?
Thanks
Thanks
2 Likes
If you paste the hash into VirusTotal what does it show?
If you go to the location of the executable (use SpyShelter to do so) then check its properties, is it signed?
Hi,
I just checked Kaspersky Password Manager’s properties and it does shows digital signature
I am attaching snapshot.
BR
If you go to the SpyShelter “About” window, what version do you have? Click the top right settings icon, then choose “About”.
SS Version 15.1.0.567
Could you email us one of the executables zipped maybe, or get it to us by using a cloud service? Of course none of your private info is needed, we just need a Kaspersky .exe alone.
You could also post all the hashes of these with the exe name next to each one. SpyShelter has hashes in the info drawer. Having the full .exe would help us the most, but hashes may help too.
This info will help us investigate further to see if the certificate could be revoked for example. @rizwansiddiqui
Please find below hash for Kaspersky Native Messaging Server
7B51E4684D2A447BD90922ABC377487A5D0A1E6D
1 Like
|Kaspersky Native Messaging Server - 7B51E4684D2A447BD90922ABC377487A5D0A1E6D
|Kaspersky Password Manager Isolation Loader - BA78A05BF314830E014340430F79AFC9B1C8D104
|Kaspersky Password Manager - 1CB801FECF05C93D64F5E84FA6CC565263CE823E
|Kaspersky - 7121C479722CD5C9F6A8577BBF33F85427F8E642
|Kaspersky Lab Launcher - E49EBE26608FE4910A8636CEC9FC3D6976880EC0
|Kaspersky Password Manager Service - 8A34B8899C024EDDE73A2869D0542AAA65386E20
1 Like
Thank you. We will try to figure out how this “unsigned” designation is possible inside SpyShelter.
When we search these executables on VirusTotal.com it doesn’t seem to show them as unsigned there.
Hi,
This is latest prompt received today from SS
Hash# 5F1E38053FB72D8C4F8ED8BE53FF25A3C0ABF3DE
Thanks
Br
1 Like
Sorry for the issue. It should be solved in the next release.
1 Like
The issue is still not resolved. any update? Today during KIS update i get multiple prompts with “Publisher: Unknown”
If you go to that executable (use SpyShelter’s Path feature and click the link) and then right click the .exe and choose properties, is it signed?
If you go to SpyShelter’s top right cog menu then choose “About” what version do you have?
Just checking in on the questions above? Mentioning you, in case you didn’t see my response.
Sorry again for the issue.
We will set up a virtual machine where we’re running the Kaspersky software so we can try to recreate this.
Is it possible the certificates could somehow be revoked due to the US embargo on Kaspersky? We searched online and did not find this to be an issue, but this problem hasn’t come up before with SpyShelter so we’re not sure what’s going on.
We’ll continue to try to reproduce the issue. Thanks for reporting it.
Hi, Any update on the issue. During recent KIS update before 2 days, again SS flagged KIS files as unsigned.
That sounds very annoying and frustrating. I apologize.
We were unable to recreate the issue yet. Has anyone else viewing this thread recreated this issue with Kaspersky? Posting here will help us find the issue, so please consider making a SpyShelter forum account and chiming in.
I did have another user who reported a similar issue for another software (not Kaspersky). I found that his date/time for Windows was set far in the future so it caused this unsigned issue. Is it possible your date/time on your PC is wrong?
To check or adjust the date and time on your Windows 11 PC, you can use the Control Panel. Press the Windows key + R to open the Run dialog box, type control, and press Enter to launch the Control Panel. Navigate to Clock and Region, then click on Date and Time to view or modify settings. If this doesn’t apply to you please don’t take offense… I am just posting it in case others in the future have an incorrect date/time so we don’t get posts here that are unhelpful with us solving this.
Perhaps we cannot recreate this because we are in the USA, and due to Kaspersky’s USA ban the software behaves differently or something like that? Can you say if you are outside the USA? Maybe if we use a VPN or something in our VM.
Thanks for prompt reply.
Date and time is correct.
I live in KSA.
1 Like
I reported this info to our team. Perhaps they can run Kaspersky in a VM again with a different VPN location and see if suddenly we can recreate the issue so we can investigate/solve it.
I also wonder if the cert checking method we use reports Kaspersky certs as illegitimate or something like that due to the USA ban. I will ask our team if that could be the case since we are based in the USA.
Sorry for the issue and thanks for your patience.