Unable to Remotely Control or Configure Kaspersky using Remote Access Software
An antivirus software must be efficient in detecting and blocking a malicious software to ensure that the computer stays safe while connected to the Internet or network. Other than that, the antivirus must also be very good at protecting itself to prevent its processes from being forcefully terminated or modified by an external application so that it can continue to run on the system and monitor for suspicious activity.
A simple example is attempting to end the avp.exe process that belongs to Kaspersky using the Task Manager and it shows an “Unable to terminate process” error window with the message “Access is denied”.
The example above is only a very basic self defense mechanism and it actually protects much more than that. A unique feature found in Kaspersky but is not available in other antivirus such as Avast, Avira, AVG, ESET, Bitdefender and Norton is the ability to prevent most third party remote access software from interacting with the program’s interface. If you’re connected to a remote computer using a remote access software, you won’t be able to configure and control Kaspersky as the graphical user interface does not respond to mouse clicks.
While this is a safety feature to protect Kaspersky, it can also be a possible annoyance when an administrator legitimately wants to remotely configure the antivirus or internet software.
From what we’ve tested, Kaspersky versions 2010, 2011 and 2012 block all remote control programs except for the Remote Desktop Connection that is built-in to Windows from controlling Kaspersky. Starting from version 2013 onwards, it has started allowing some third party remote desktop applications such as TeamViewer and LogMeIn to remotely control and configure Kaspersky. As for other remote access software such as Ammyy Admin, ShowMyPC, NoMachine, Radmin, imPcRemoteInstant, Firnass, Google Remote Desktop, GoToMyPC, DameWare Mini Remote Control and RealVNC, they are all prohibited from remotely controlling Kaspersky.Since this restriction is due to the self protection system, disabling Kaspersky’s Self-Defense will allow any third party remote access program from controlling the software remotely. Kaspersky’s Self-Defense can be disabled by clicking Settings from the main GUI.
Select Additional from the left hand sidebar and click on Self-Defense.
Uncheck the “Enable Self-Defense” checkbox and the setting takes effect instantly.
While disabling Self-Defense in Kaspersky will allow third party remote access applications to control the program, it is not an ideal solution because this will also potentially allow malicious software that is hiding in the system to terminate or modify the antivirus program. A safer and recommended solution is to add the remote access program to the “Trusted applications” list allowing it to interact with Kaspersky’s interface.
Click on Settings from the Kaspersky’s main graphical user interface. Go to Additional and click on Threats and Exclusions.
Click on the “Specify trusted applications” button that is located below the “Configure exclusion rules”. Do take note that you want to add the remote control software into the trusted applications list and not as an exclusion. Click the Add button from the “Trusted applications” window and click Browse to choose the files that belongs to the remote control software. Finally tick the “Allow interaction with Kaspersky Anti-Virus interface” checkbox and click OK.
The file will be listed in the trusted applications and will be allowed to remotely control Kaspersky software. Which files need to be added to the trusted applications list varies. If the server/host file is only a single executable file, then adding that file alone to the trusted zone will work. However for some software such as RealVNC server, multiple files are installed in the program directory, you need to add the correct working server executable file to the trusted zone.
Final Notes: As we’ve mentioned earlier, we’ve tested a number of popular remote access software and found that only a very small number of software is allowed to remotely control Kaspersky software and they are Remote Desktop Connection, TeamViewer and LogMeIn. If you know of any other remote access software that can control Kaspersky without disabling self-defense or adding it to trusted zone, please do leave a comment and we’ll add it to the list.
use on screen keyboard, alt+tab to get to the Antivirus screen
then tab to locate the option you need to run or change
enter to make changes
I did this using realvnc
It’s all a bit hit and miss. I was able to access Kaspersky Total Security via LogMeIn on a client’s computer and renew the licence even though the Self Protection box was ticked. When I first saw that Self Protection was on, I disabled it which was also no problem, but after installing the licence and then turning Self Protection back on I was locked out of the programme. Tried several times to log back in and access Kaspersky but no luck. I now have to get the client to disable Self Protection in order to address a couple of messages that the programme has thrown up. Very strange!
Hey I was facing the same issue since long.
Thanks Very Much for this,…
Thanks , It helped me a lot in KAV 2013
Thanx Buddy great help
I made an interesting find just before googling this issue and reading this article. Your information seems to be mostly correct, however there may be some exceptions to this behavior. Here’s the nutshell version of what i found…
While working on a clients workstation using teamviewer, i ran in to the same issue as you, i could open Kaspersky, but that was it, couldnt close it couldnt change any settings, nothing. I even tried using the repair feature in add/remove programs, this looked promising at first, then once it finished copying files it started again.
Being a little after midnight and needing to get this done, i was just about to start uninstalling Kaspersky, but thought to myself i hadn’t tried every route available to me. so, before blindly whacking the security software, i decided to try another route first, i first tried to remote desktop directly in to the PC but that failed, as i had added a second RDP port (3390) to that computer, forwarded it thru the firewall and was trying to configure Kaspersky to allow it as well, exactly how i discovered this problem. So i decided to take one last shot and opened a remote desktop session to their server and then opened a remote desktop session in to the PC. once connected to the PC’s desktop, (which took a while, rdp over rdp is very slow) I was able to access Kaspersky like normal without any restrictions at all, i finished the repair install, reconfigured all the special settings that were needed, added the firewall exception for the new RDP port. no problem.
When i was done, i figured it was Teamviewer conflicting Kaspersky, so i googled it and found this article. after reading your story and knowing what i just discovered, i decided to do a little more testing on this, my findings proved quite interesting! I set teamviewer up on another PC in their office and enabled incoming lan connections, i then connected to the problem pc and was able to open Kaspersky and make changes without a problem… so It would seem that these restrictions are source based. If the incoming connection is from the internet / public network, access to Kaspersky is restricted, if the connection is coming from a local / trusted network access is not restricted…
So the moral of this story is: use Teamviewer’s built-in VPN option to establish the connection, then you’ll be considered local and not restricted.
Thank you so much!! I was trying out the trial version because I’ve heard a lot of nice things about Kaspersky and the trial version reminder kept coming up and disabled all remote input into my computer. I am seriously annoyed by this “harassment”. All the more because it made me uninstall Zonealarm due to “compatibility issues”. Strange how I haven’t had any problems after I reinstalled Zonealarm after installing Kaspersky.
thank for tips…
Thx Raymond very helpful
thanks for sharing raymond
Just another reason to use KasperSky :)
All AV’s should protect themself agains “remote access”.
Thank you !
thanks for tips about fasten the Kaspersky…
the remote configuration tips is good.
Thanks Raymond, I finally understand what happened with my Kasperky when I try remote connection to my PC.
Thanks appreciated this article…
Thanks for info. I have same problem with one of my customer, so I remotely uninstall kaspersky.
Nice antivirus, but strange self-defence. You can’t modificate KAV settings, but you can uninstall protection?! :-/
Thanks Ray!
This is a very useful tip to me. Cos I faced same problem while i was working with my friends Laptop via team viewer. But I could not realize the problem that time.
Thanks alot. Share some more as well.
Good Luck!
thank u
Thanks. Your articles are always amazed me.
thanks for the great info ray! :D
thanks Raymond…
Good info.