Jump to content


  • Content Count

  • Joined

  • Last visited

Posts posted by saladbowl

  1. Hi All


    I am having a continuing problem with excluding processes from kaspersky. Each day i get between 100-200 alerts for Svchost.exe, Winlogon, Dumpreg.exe ect ect. All system processes. When i have scanned the machine it comes up clean. I want to exclude these processes from scanning. I have read the FAQ's and tutorials, followed the instructions and it still does not work. Can someone give me a rundown of exactly how they got their exclusions to actually work as im at a loss.


    Using Kaspersky Administration Kit Version: 6.0.1710


    Kaspersky for Windows Workstations Version:


    Running on Windows Server 2003 SP2


    Clients are all XP machines SP2



    I am using Kaspersky Anti Virus for Windows (Version 6)

    Gone to Settings


    Trusted Zone > Configure


    Under Trusted applications i have added svchost.exe and under Exclusion Masks i have added the same with the verdict as *


    Object name is svchost.exe and Checking Tasks is ANY


    This process is still not being exlcuded as below:


    Event Detection of possibly infected object happened on computer ******* in the domain ******* at Tue Sep 22 16:05:25 2009 Running process C:\WINDOWS\System32\svchost.exe: detected modification of riskware 'Invader'. Kaspersky Anti-Virus 6.0 for Windows Workstations Critical **.*.*.*


    Can anyone run me through the process of excluding files that they got to work on their Admin Kit?


    Many thanks

  2. Hi


    I cant speak for everyone but in our forest, it is simply the main (domain.com) OU i have with only our machines in it. For the other slave server sites, these are usually added under Administration Servers anyway and have their full expandable forest should you wish to manage. So for tidyness i Simply use the main OU for the Master Server and the Administration Servers group for the slaves. Keeps it less cluttered otherwise.



  3. Thanks for the reply


    Did open up a support case with Kaspersky but getting nowhere fast with it. We use Watchguard firewalls with V10 software. All the correct ports are opened and VPN access is done through the Cisco router and associated permission groups. Normally i would agree and simply wait for the user to come into the office to push any new policies, but the problem here is that we have 4 other offices in different countries. I have to sometimes configure and then send the machines to those offices, and even then the recieptant is not normally based in that office for long as they would be out meeting clients. I have gotten round part of this problem by using slave servers, but this is not a possibility in all offices as 2 of the offices are not direct employees of the company, only subcontractors, therefore a slave server is not permitted by their internal IT.


    I do not believe this is necessarly down to the firewall i will be connecting to, as i have tested this with a standard router, with a mobile broadband data card, and with a standard, non routed single unmasked IP connection (home connection with no switch or router so no firewall or port blocking) and none will synchrinise with the Admin console over VPN.


    Any other ideas? I can provide further details of any equipment and logs if necessary



  4. No more responses?


    I would have assumed this is an issue others would have experienced.


    Must say dissapointed with the level of support from Kaspersky (which is why i came here) and it would seem their forum to (4 days, 104 views and only 1 generic response)


    Can anyone provide any real-life experience of this issue and how it was overcome?


    Many thanks

  5. Hi


    Thanks for you response. I already read through this article before posting here, and can confirm that ports 13000 and 14000 are open on the server and listening. I cannot manually synch with any machine that is connected to our network over the vpn. The machines have the Net agent installed and the Anti virus app. Filesharing is turned on on the laptops.


    This is what i really need some assistance with.


    Any other advice i can try?



  6. Hello to all


    Using Kaspersky Administration Kit Version: 6.0.1710


    Kaspersky for Windows Workstations Version:


    Running on Windows Server 2003 SP2


    Clients are all XP machines SP2


    I am having difficulties in connecting to machines over the VPN with Kaspersky Admin Kit, normally laptop users. These users have the Kaspersky for Windows Workstations installed on the laptops when they were in the office connected to the network, all was fine. I set the update policy for laptops to look towards the Kaspersky Lab servers first then the Admin Server. All is well so far except a small change i made in the Laptops policy is not being pushed to machines that are currently connected to the VPN, nor can i sync with them.


    I have searched a little through this forum and the only thing i can find on this is opening UDP ports, whilst i can do this for my firewall at the office, i obviously cannot for each of the other offices or the home users who use a mixture of routers. I would have assumed Kaspersky would use a default port not needing to be configured?


    Could one of you knowledgeable people please give me some guidance on pushing a policy update to machines connected via VPN?


    Many thanks for any assistance you can provide.

  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.