• Content count

  • Joined

  • Last visited

About JeffreyIMDS

  • Rank
  1. It seems as that we are as well having this issue with some of our users. When they are using the Save and Send option or any program that uses a share method via Outlook (because of Kaspersky which comes up with an error message) the program crashes. DMP files attached in the number below. Thank you in advance. INC000007956719
  2. If it is workable for you to include 80+ Slack exclusions per update that they release, then the answer is yes. But I ensure you that it is not workable currently. I will try and disable every component and see what it is but I would hope that there is a more reliable solution in the long run from Kaspersky itself. Slack is not an unknown application to the world to say the least but that's my side of the story.
  3. KSC 10.3.407 will that suffice? It is very strange because this only happened after the latest Slack update before that it worked like a charm. The Slack client reports that there is no internet connection available however until I disable KES I can connect just fine. The full path Test 1 (DID NOT WORK): C:\Users\<user>\AppData\Local\slack\slack.exe Test 2 (DID WORK): C:\Users\<user>\AppData\Local\slack\slack.exe C:\Users\<user>\AppData\Local\slack\app-2.4.1\slack.exe Only when adding both did it seem to connect however this makes it very hard to maintain for the rest of my users if there is no way to set a variable path. I don't understand why Slack is not considered as an application that can be Trusted as such as a normal application as well?
  4. Hello, After the latest Slack update Kaspersky Endpoint Security 10 Service Pack 1 MR2 has blocked my connection with Slack using the Windows Desktop client. I have tried different setups in the General Protection Settings, Trusted Applications to include Slack to this list however none seem to have effect. I have tested Slack with Kaspersky disabled and it seems to connect without problems also after the initial connect I can enable Kaspersky again and everything will work without a problem. The Trusted Application entries I tried: %LOCALAPPDATA%\slack\slack.exe %LOCALAPPDATA%\slack\app-2.4.1\slack.exe I also added the Slack directory to the Scan Exclusions just as a test I did this by doing this %LOCALAPPDATA%\slack\ The full installation path of Slack is C:\Users\<user>\AppData\Local\slack\ I hope anyone that can help me ! Regards, Jeff
  5. The problem for me started when using the Full KSC patch D installation which someone from support mentioned as what was going wrong with the upgrade. The advise that I got is basically restoring the backup that KSC made when you started the full installation or attempt to reinstall patch d ONLY specific to the Administration Server found here However in my case I did not have such a backup and running only the patch gave no results as the patch claimed that patch d was already installed. So we rolled back a snapshot of the VM it was running on to before the installation as I like to work with snapshots. I understand that not in every environment this is the advised way of fixing this however and this was for me atleast much easier to do then other procedures. Instead of the full installation after the restoration of the snapshot I installed ONLY patch d specified files for KSC's Administration Server found here: and NOT the full install as I think more people did. After this the patch applied without problems and I was able to get into KSC again. I hope the fix mentioned here will fix it for most people as that information was not available in the time of our restoration.
  6. I just installed patch D to the existing KSC 10.2.434. I made a case for this INC00000533922 too I hope that you guys can help me are now completely unable to Kaspersky Security Center.
  7. I am having the same issue after upgrading to patch d of KSC. The application is unable to start and all the services are running fine in the background. How can I supply you with a installation log of KSC. I installed this one. EDIT: Here are installation logs I used this article to retrieve them.
  8. I have send the files over to Kaspersky. I got this back: KLAN-3338576138 and KLAN-3338533572 I have checked the computers for viruses with multiple programs (Kaspersky, MalwareBytes and HitmanPro in safemode) and can confirm they are clean (so far we know of course). This always happens using the official download and install of Google Chrome or any Chromium based browsers but I understand that you are cautious.
  9. Might this be what you are looking for? My team did most of the investigation in the first place however I am now taking over. INC000005102643 Also we received multiple "virus" alerts as well which is predictable with the new Chrome update of yesterday: COMPUTER 1: Result: Detected Object: c:\windows\temp\cr_3b43e.tmp\setup.exe COMPUTER 2: Result: Detected User: ------------- Object: c:\windows\temp\cr_2eb1e.tmp\setup.exe COMPUTER 3: Result: Detected User: ------------- Object: c:\program files (x86)\google\update\install\{4fd1a86b-c658-42af-a050-006b4833f541}\46.0.2490.86_chrome_installer.exe COMPUTER 4: Result: Detected Object: c:\windows\temp\cr_61f5e.tmp\setup.exe
  10. Here are the build numbers found one of the clients, Is this enough information?:
  11. My team found out that the update program under the Chrome setup is the problem. However I am running into the same issue that Joshua has. The interesting part is that is not every computer in the network that does this. The issue still has not been resolved and even with our testing of the Vivaldi browser (One that is based on Chromium) is being detected with the installation of it as a virus. Result: Detected User: IMDSRODEN\admin_mbaas (Active user) Object: c:\users\admin_mbaas\appdata\local\temp\cr_5da85.tmp\setup.exe Here is the mail that the system has send to me when one of my admins was trying the official chrome setup on his workstation. I have tried looking into possible differences between for example my computer and his however they are image based the same without the user configuration a side. We have now mostly just uninstalled Chrome in our network with multiple users however we are of course not happy that a software which is used so much is being deleted from the computer. As Joshua stated as well Kaspersky cleans maybe 60% of the Chrome installation after the advise is to reboot the computer. After this you are unable to install or update Chrome because the same will happen again which is a question of time. I would like to give my users the option to browse with Chrome however I cannot guarantee now that Kaspersky will leave Chrome allow. It is hard to trace because we have not yet found a pattern in its detection. We all can agree however that whenever the Task in the Task Scheduler to Auto-Update Chrome will start that the message above will happen. EDIT: Screenshot of the Quarantine in Kaspersky Security Center. You can see here our test of installing Chrome and also our attempt to install a Chromium based browser Vivaldi. Both detected: EDIT: We always used the official download for Chrome for Vivaldi
  12. I will try this however I did send to your virus lab via an other link which is clickable in Security Center. I then got notified that they were unable to reproduce the virus detection. It happens instantly when running the official chrome setup that it detects something. I will report back if I find anything or when I have a response from your viruslab. I hope that the issue will be fixed soon as managing so many users installations of Chrome is a extremely annoying thing to do. A user reported that the notification that they receive is from the System Watcher module in Kaspersky which might give a few hints.
  13. The launch day is today but they announced that they will most likely have support for Windows 10 in KES 10 in Q3/Q4. This is why I do not see support for El Capitan yet as the OS is still in Beta like you said.
  14. Seeing as there is no Windows 10 support out of the box for KES 10 at the moment as well I do not see them supporting this beta either however it might be supported in the future.
  15. Thank you kindly and I PM'ed the files to that account as requested.