Is it ok to push the install of the latest version (6.0.2.690) to my systems from the Administration console that are already running 6.0.2.678, or do I have to run an uninstall deployment for all systems before pushing the new version?

Thanks

WKS supports and in-place upgrade just as regular KIS/KAV versions do.

I have begun the push to the notebooks, since they are the ones that need this new version to get around a VPN issue I was having.

So far out of 5 push installs over .678 through the admin console, 3 have crashed with a BSOD during the install/update.

What made it worse was that after a restart, the network stack was trashed and would not aquire IP address, even when using ipconfig.

All systems were running XP Pro SP2, and the only was to get network connectivity back was to uninstall KAV and re-install SP2 on the laptops. I then was able to do a manual install of KAV .690 on the laptops.

I was wondering if this isolated case or something to worry about before a push of this latest version to my other 30+ Workstations and Servers.

As a side note all 3 laptops were Dells. 2 were Latitude D620 one was a Latitude D820. all three were Core Duo systems.

Thanks

Hello,

Do you still have memory dumps available from those machines?

I have a kernel dump from one system, but upon opening it it is corrupted according to Windbg.

The other that I have is a mini-dump from another system that is ok and points to klim5.sys.

Do you have a Domain or a Workgrop?

The Network problems are due to the NDIS filter. It is not isolated to your company -- I've witnessed the same issues, though it does seem to be more prevalent on Dell systems.

Though the Kaspersky reference guides say it's not suggested to just "uncheck" the NDIS filter, this is the quickest way to alleviate your issue.

Go into the properties on the Local Area Connection, uncheck the Kaspersky NDIS Filter. This will cause your computer to hang up -- after about a minute do a hard reboot (it may resolve itself, but it seems to stay frozen for at least 40 minutes -- the longest I left it). Once you reboot, your networking will be back to normal, though you will have supposedly lost some of the anti-hacker components.

Granted that can be the solution. However, without memory dumps its not prudent to conclude what the actual error was

Fair enough. I've seen the error on over 20 individual clients now -- that is the easiest way to fix it, which when dealing with it wiping out a quarter of your network, is usually what you're looking for versus the theoretical reason it actually failed

It may also be worth noting on the majority no error is thrown, nor any minidumps generated. I was lucky to ever have it BSOD the first time so I could figure out how to get the clients back up

If you get BSOD you should open a support ticket and let them know:
http://kaspersky.com/helpdesk

I another problem upgrade a Dell again. The system was running .678 and I was once again trying to update it (this time manually at the laptop) to .690.

It did a hard lockup and I had to do a forced shutdown. On reboot it was going nuts saying the the Explorer process was "INVADER" and that my touchpad software was a KEYLOGGER. I had to shut down the service and try the reinstall again. It went fine this time and I was able to reboot and syncronize with the admin console and it appears ok now.

Alps Toch Pad drive is indeed a keylogger, you should add it to TrustedZone at the bottom of the popup balloon.

Alright mate, I had the same problems deploying Kaspersky 6 to a hospital were some of the NIC card would start causing issues in connect back to the network after the NDIS stuff is installed. I remove the NDIS and upgraded the NIC driver to the latest version and it work fine. I also started to upgrade certain NIC card drivers before install to pervent the problem.

Updating NIC drivers is documented in support KB

Hi Adam

Question: What are the disadvantages of removing NDIS. Would the web antivirus still work?

Thanks

I thought I would quickly add the resolution that I was told by the KAV support desk. I was told that NDIS filter is for Windows VISTA and the how it handles new NDIS 6.0 drivers. Note some people above were relating this to XP SP2, I have SP3 installed so ignore that red herring.

The problem occurs on Windows XP machines where there is more than one driver installed against the network cards. KAV gets confused. I was told to recreate the workstation package, removing the NDIS support and redeploy to XP machines. Obviously you do want to keep NDIS support for Vista machines so clearly name the two packages.

From Kaspersky....

To install KAV workstation without NDIS via AdminKit, before creation of the installation package, you need to modify on the Admin Server file .kpd (it is a text file):
In section [Setup]
Replace string
Params=/s /v"/qn AKINSTALL=1" (this is by default) to Params=/s /v"/qn AKINSTALL=1 NOKLIM5=1"

Save changes (make sure you save it not as .txt file but as .kpd file).
The location of the .kpd file will be in the C:\KAV\winworkstion\english\ folder.


Then create new package with this changed file and push it to the workstation.

More information about NDIS can be found here
http://support.kaspersky.com/kav7/tech?qid=208279317