Jump to content

Peter222

Members
  • Content Count

    45
  • Joined

  • Last visited

About Peter222

  • Rank
    Candidate

Recent Profile Visitors

785 profile views
  1. Looks like we have the fix. Support issued PF3121 which seems to resolve the issues. We are still doing preliminary testing, but it looks good right now.
  2. I already have incidents open with support. INCIDENT #: INC000008523184 The issues on Win10 RS3 and Netmotion are occurring with the KES10SP2 and KES10SP1MR4 clients and the Netmotion Mobility client 11.31: KES10SP2 - startup & shutdown delays (over 5 mins) and system sluggishness with delays opening and launching applications KES10SP1MR4 - no delay issues, but internet browsing is not working at all in any browser
  3. Just curious if anyone else been experiencing this type of issue with this software combination? The issue only shows up when Win10 PCs are updated to Redstone 3 (1709). On some test machines, the startup delay can be around 5 minutes and more. The temporary fix we have for an urgent deployment was to uninstall the KSC Network Agent (10.4.343, latest patch A) on machines and run the AV standalone. Not a permanent solution though. Working with Kaspersky and Netmotion support...
  4. Have an incident open regarding this issue: INC000008055876, but not getting anywhere with it. The Critical fix KB13463 (http://support.kaspersky.com/13463#block1) was suppose to add functionality to the Trusted Zones feature to trust processes not only by path and hash, but by path only if desired. The problem with the default functionality is that we have backup software on servers of different versions and what happens is that the filenames are the same between versions, but the file hashes are obviously different, and KS4WS overwrites the trusted processes based on the filename and it's not looking at the file hash. The new functionality also seems half baked in terms of the fact that I had to create registry files and a batch file to push it out to the KS4WS servers (to allow path only trusted processes). This functionality should be included in KSC instead of having to craft registry files, create packages, etc. Not all servers are in a domain either, so group policy is not an option. When trying to add path only in the local console or KSC policy I am unable to add a path and can only browse for local files. See screenshot. I even created XML exports of the various backup executables from the KS4WS servers but when I import them into the KSC policy, again, it overwrites based on the file name instead of looking at both the filename and hash. I was initially told that the backup processes also need to be added to trusted processes after I had some issues with KS4WS blocking some files used by the backup software. After excluding these folders in KS4WS policy at least this issue went away. No the issue of adding the backup software executables as trusted processes remains.
  5. Was surprised to see hundreds of PCs requiring a restart after I received the daily protection report. There are some machines that need to have scheduled reboots since they run 24/7 serving a certain function on the network (time card polling, etc) which is an administrative headache. Hoping not to see anymore of these in future.
  6. There is 4GB free space on this machine because as I mentioned before I've been trying to run traces to try capture the traces when the problem occurs and the trace files have grown rather large. Regarding network agent problems, I connect to the network with our KSC server with VPN periodically. When I'm not on VPN the Network Agent won't be able to connect to the KSC server and is probably logging errors that it can't connect. I haven't had any problems in the past with the KES10SP1MR3 client. I have also uninstalled the KES10SP2 client completely along with the network agent (10.4.343) and have reinstalled from a KSC standalone package with updated databases. So far, I haven't seen the problem return yet, but I'm continuing to monitor this machine.
  7. I've uploaded the GSI log here: http://www.getsysteminfo.com/read.php?file...4a01fd9b77f1ed8 There is no particular scenario that I can identify to recreate the slow down. Sometimes even the Win10 login screen is delayed from showing the users after a reboot, but this is not consistent either.
  8. On the more severe instances I encountered on my laptop it appeared that the OS was hanging. I could move the mouse pointer around but nothing would respond: Windows Start Menu, Ctrl+Alt+Del, anything from the OS. Otherwise, what I've encountered more often and what users are complaining about is the delay when an application is opened. However, I also cannot launch any other applications during the delay. I haven't time it but approximately 10-15 seconds of delay (which is not normal behavior). I've generated the GSI report with event logs (but the file upload says it only allows 300K uploads), but am trying to capture a trace with the slow down. The problem is that it's so intermittent that at the moment my trace files are growing too big and I've had to disable tracing. KES10SP2 did generate some application dump files across some of the restarts that I sent off to Kaspersky lab when it prompted me.
  9. Anyone seen this issue? I've run into this problem before with older KES10 versions and am seeing it again with the latest KES10SP2. We've started upgrading clients from old KES10MR1 (uninstalling and installing the new KES10SP2 client) and some users are complaining that applications are slow to open with the new KES10SP2. I'm also seeing this on my machine. It's hard to pin down when the issue occurs, and now that I'm enabled tracing, I'm not seeing the issue yet. The issue manifest a couple of times where the machine appeared to lock up, but then became usable again after a while (where the Windows start menu would open again). There was one time where it was just taking way too long to become usable again and I had to perform a hard reboot.
  10. Is there a KSC report or maybe a device selection that can be created to display the OS version and/or OS build numbers? This information is available if you click on KES clients individually in KSC and go to System Info\General. Anyway to query this info so I can get it into a spreadsheet or CSV export?
  11. Respect Win10 metered connections Have KES respect metered connections (which are expensive capped mobile connections in a lot of countries) and not perform updates on these types of connections, especially if they're mobile. At least have an option somewhere where you can toggle this for KES updates.
  12. I'm testing with the Mobility version 11.01.15791 and during install I've noticed that it now adds the registry "fix" for the 10.72 version automatically, but under a different string value name, with the same value (avp.exe). I have not tried falling back to MR2 and then updating to MR3 with the Mobility 11.01 client, because I've already updated to the Win10 Anniversary Update (Redstone 1) which is only compatible on MR3. From the incompatibility list text file that accompanies MR3 the Mobility Client versions that will be uninstalled are all 10.72 flavors (Win7 32/64 bit and Win8-10 32/64bit). I don't suspect 11.x would be uninstalled because it's not listed. All existing Mobility 10.72 clients would be your problem child and would need to be upgraded to version 11 prior to installing MR3 or approving it in KSC.
  13. More control over local tasks rather than just disabling them in KSC policy! There is no ways to run a local vulnerability scan task so the user can see vulnerabilities reported in the local KES interface when the KSC policy has local tasks disabled. For IT administrators at least have a report that will show the vulnerabilities on the KSC server by computer. I see most people are disabling the local tasks because of the preset full scan which does not work with maintenance schedules. Again, please allow more control over the local tasks from the KSC server rather than just disabling them. You can't replace the vulnerability local scan tasks with a group task because you don't see the results on the local KES client interface.
  14. Created new incident INC000006577341 and attached the requested files. Added previous incident number INC000005714545 (1/29/2016) to the case for reference.
  15. I cannot produce a GSI report since I cannot login to the desktop because of the freeze/lock up issue. The only way to get this working is to add the Netmotion reg key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NMDRV\Params\Mobility Client\NoDllHookProcesses] "KasperskyAvp"="avp.exe" I don't know if this will hamper troubleshooting, but I will go ahead and create a new company incident and post the number here.
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.