11.2 Behavior Detection breaks Applications writing to shared drives

  • 29 November 2019
  • 10 replies

Just a warning we now have two applications in house that cant overwrite files on network shares/mapped drives with this option enabled.  Disabling “Protection of shared folders against external encryption” removes the problem as I worked with support on this case  INC000011020891.  Working on traces/log collection but I am very hesitant to disable this important feature. Anyone else?

10 replies

Userlevel 1


you should request the private fix pf6008 using the mentioned Company Account Portal.

Userlevel 7
Badge +8



Please open a support ticket in the Company Account, send gsi and traces for review.


Similar problem here.  What did you all end up doing to address the issue?  Is there a new release somewhere with a fix?  I’d also be happy to test that the fix works as expected.

Userlevel 1

pf6008 solves our issues (see also other topic).

I concur. Since 11.2 and with Behaviour Detection protection for file shares enabled, we have 2 apps, that can create files, but cannot write data to them. Exception being files around 2 KB or smaller.

Userlevel 1

we have the same issues.

If you have a fix, I can test it (would test it).


Further to this another option which i am using from support is to trust the path/application in the policy/general settings/exclusions/trusted apps.  This works for now and should be much better than disabling the protection above!

Userlevel 5
Badge +2


INC000011020891 is under investigation now.

Please await for an answer within the incident.

Thank you for cooperation!

Same problem here!

Overwriting a file in a mapped drive is blocked without notice.

Writing is not a problem.


Today I noticed similar problem like yours.

Users of our accounting software they had problem to generate some reports in this sw. These reports are generated to mapped drives / shared folder.
I didn´t have enough time to solve it, the only thing, which helped was to dissable the kaspersky antivirus. So as an temporary workaround we decided to deploy the earlier version v10 of Kaspersky Endpoint Security :(

I see now, that we are not alone!

Don´t upgrade to the new  version !!! :(

Reply / Ответить