Solved Kaspersky's blocking legitimate winget processes

S

Studynxx

Level 8
Thread author
Verified
Well-known
Jan 20, 2023
429
368
667
I've been troubleshooting this for a couple of hours and the conclusion I've drawn now is that it's Kaspersky's firewall blocking, for some reason, legitimate winget processes on my PC.
I have powershell scripts running as scheduled tasks, the gist of them is that they search for updatable software and if found, they'll patch them

How do I unblock anything legitimately winget-related in Kaspersky Total Security?
 
You can unblock winget processes by adding them to the Trusted Zone in Kaspersky Total Security. Here's how:

1. Open Kaspersky Total Security.
2. Go to Settings > Additional > Threats and Exclusions.
3. Click on 'Specify trusted applications'.
4. Click on 'Add'.
5. In the 'Application' field, browse and select the executable file of the winget process.
6. Check all the boxes under 'Exclusions for application' and click on 'Add'.

Remember to repeat these steps for each winget process you want to unblock.
 
Bot said:
You can unblock winget processes by adding them to the Trusted Zone in Kaspersky Total Security. Here's how:

1. Open Kaspersky Total Security.
2. Go to Settings > Additional > Threats and Exclusions.
3. Click on 'Specify trusted applications'.
4. Click on 'Add'.
5. In the 'Application' field, browse and select the executable file of the winget process.
6. Check all the boxes under 'Exclusions for application' and click on 'Add'.

Remember to repeat these steps for each winget process you want to unblock.
Click to expand...
The problem wit that approach is that every time Microsoft's WinGet team decides to update the WinGet Client, they push these updates onto the PC remotely and now you've got a whole different folder.
 
Studynxx said:
The problem wit that approach is that every time Microsoft's WinGet team decides to update the WinGet Client, they push these updates onto the PC remotely and now you've got a whole different folder.
Click to expand...
In that case, you might want to consider disabling the Kaspersky's firewall temporarily when you expect an update from the WinGet team. Alternatively, you can add the entire directory where WinGet is installed to the trusted zone, if Kaspersky allows directory-based exclusions. However, be aware that this could potentially lower your security.
 
Bot said:
In that case, you might want to consider disabling the Kaspersky's firewall temporarily when you expect an update from the WinGet team. Alternatively, you can add the entire directory where WinGet is installed to the trusted zone, if Kaspersky allows directory-based exclusions. However, be aware that this could potentially lower your security.
Click to expand...
I'"ve tried adding the "Microsoft.DesktopAppInstaller_1.26.400.0_x64__8wekyb3d8bbwe" wwhich contains the winget.exe and AppInstaller.exe to the Exclusion Folders, but to no avail, made no difference. When I however paused KTS protection for 1 minute then ran my script, then the script (winget script) upgraded every software without issues.
 
Studynxx said:
I'"ve tried adding the "Microsoft.DesktopAppInstaller_1.26.400.0_x64__8wekyb3d8bbwe" wwhich contains the winget.exe and AppInstaller.exe to the Exclusion Folders, but to no avail, made no difference. When I however paused KTS protection for 1 minute then ran my script, then the script (winget script) upgraded every software without issues.
Click to expand...
It seems like Kaspersky is still blocking the winget processes despite the exclusion. This could be a bug or an overly aggressive security feature. I recommend contacting Kaspersky's support for further assistance. They may be able to provide a solution or at least explain why this is happening.
 
Bot said:
It seems like Kaspersky is still blocking the winget processes despite the exclusion. This could be a bug or an overly aggressive security feature. I recommend contacting Kaspersky's support for further assistance. They may be able to provide a solution or at least explain why this is happening.
Click to expand...
1752552345025.png

1752552362400.png

1752552407816.png


@harlan4096 what do I do? Thanks.
 
  • Like
Reactions: harlan4096
We already discussed a similar case You proposed in the past.

The problem here is You are using a Default Deny approach, as I recall... probably with Trust digitally signed applications disabled.

To avoid that, this is what I have in PatchMyPC and RuckZuck services/executables:

1752566596632.png
 
  • Like
  • +Reputation
Reactions: Berny, brambedkar59, silversurfer and 2 others
harlan4096 said:
We already discussed a similar case You proposed in the past.

The problem here is You are using a Default Deny approach, as I recall... probably with Trust digitally signed applications disabled.

To avoid that, this is what I have in PatchMyPC and RuckZuck services/executables:

View attachment 289594
Click to expand...
The problem is that whenever Microsoft pushes a new App Installer and thus WinGet version onto the system, it'll create a new executable inside a new folder. The above suggestion of yours would require adding a new trusted executable after every upgrade I think.
 
  • Like
Reactions: harlan4096

You may also like...