Jump to content


  • Content count

  • Joined

  • Last visited

About Michel-B

  • Rank

Recent Profile Visitors

165 profile views
  1. Michel-B

    Pulse Secure client setup error

    Thank you. As this is a workaround, is a permanent solution being developed? I'd like to know, because msiexec.exe is a very generic and widely used process.
  2. Michel-B

    Pulse Secure client setup error

    Thanks for the reply. You are correct that this is because of self defense. When I disable it, the setup continues succesful even with all KES components enabled. I've created 2 install logs, one with self-defense (install fail) and the other without (install success). Is this something that has to be fixed by Pulse or can Kaspersky create a fix for this? pulseclient_install_logs.zip
  3. Michel-B

    Pulse Secure client setup error

    First KES is installed. After that, I try to install the VPN client with KES running. It will not install, even if I shut down KES. I can only install the VPN client when I completely uninstall KES. After installing the VPN client, I can install KES again and both will function normally. The logs were created on a clean installation of Windows 7. So: Install Windows 7 Pro x64 Update Windows completely Install KES and update, reboot Install Pulse Secure client Download new trace + GSI logs here: https://nmddrive.twc.nl/my-pub/FileLink/7fc0f6f1-a316-1336-b476-b3828e9b8be5/false
  4. Michel-B

    Pulse Secure client setup error

    I've attached the KES trace files. Also, the debuglog is created by the Pulse Secure setup. KES. debuglog.log
  5. I've never tried it this way (I've always use Update Agents or create a standalone package and use another deployment system), but can't you just add a network location as update source in the update task?
  6. Michel-B

    Pulse Secure client setup error

    No, nothing is shown. No events. But even when I turn off KES (Exit), it still fails. I have to completely uninstall KES for Pulse to install. Could it have something to do with a filter driver conflict?
  7. When KES is installed on a Windows 7 x64 PC, the Pulse Secure VPN client cannot be installed. The setup does a rollback halfway during the installation and the MSI fails with error 1603. When KES is shut down, it still doesn't work. Only when completely removing KES I can install the client and it works fine afterwards (with KES installed). On Windows 10, there don't seem to be any issues. You can download the latest version of Pulse Secure here: https://nmddrive.twc.nl/my-pub/FileLink/e5b6cd87-10db-30cf-c552-8dfba55a2ae2/false
  8. As with every kind of security, don't rely on a single product or feature. Solid security is built from many layers. Solely focussing on Kaspersky it would be something like this: 1. Virus comes in through a webpage of e-mail --> Mail and Web Anti-Virus 2. If not detected by previous --> Application Startup Control can make sure you cannot run scripts of executables if you're working with a whitelist 3. If not blocked by previous --> File Anti-Virus with a signature or heuristic could detect it 4. If not detected by previous, the cryptolocker is able to run --> Application Startup Control can minimize the impact the process can do on your endpoint 5. When the cryptolocker is running --> Anti-Cryptor with Untrusted Host Blocking can make sure the encryption of files on your file servers is stopped before you can do serious damage Of course it starts by minimizing the risks of malware entering your company. For example: - A decent spam/virusfilter for your e-mail solution - IPS/IDS on your gateway - Blocking unknown USB disks with Device Control or something similar If all of these mechanisms fail, you're screwed, but the chances are fairly small if implemented well. If you, however, rely just on a File Anti-Virus scanner and that component fails to catch it, you're already screwed.
  9. Thank you! "Resolved" for now.
  10. I think we have figured it out. We're using TPM in conjunction with Bitlocker and require a 4 digit PIN. Since the Creators Update, a 6 digit PIN is required. Source May I recommend Kaspersky changes this as well, or at least show a warning and/or provide documentation. The error codes that KES/KSC provides are very vague.
  11. Are their any known issues with Bitlocker FDE and the Windows 10 Creators Update (Redstone 2)? We're trying to setup Bitlocker full disk encryption on a HP Probook 650 G2 with Windows 10 1703. Clean install. When we reinstall the same notebook with Windows 10 Update 1607 it works without any problems. In that case, we use the exact same installation package, policy and installation procedure. The following message appears in the Kaspersky event log: Failed to prepare the system volume for encryption. KES (strong encryption) KSC 10.4.343
  12. Michel-B

    NotPetya [In progress]

    Are you able to edit files on an encrypted laptop? The answer to that question is obviously yes, so the same goes for a cryptolocker.
  13. Whatever the previous latest version was. SP1 MR3. But I don't think this has anything to do anymore with the upgrade itself. It just seems that since SP2, you cannot use these variables anymore, just like you cannot and a folder path with just a \ anymore and need to add *. I have recreated the policies and categories from scratch, so they're now all new in SP2.
  14. Yet, there's no support articles that reflect this change. Other question related to this: Before I was able to use variables in the folder path. For example: %userprofile%\AppData\Local\* or %localappdata%\Microsoft\* Can you please verify if this is still supported? Executables added to the whitelist with these folder paths are not allowed anymore since upgrading to SP2.
  15. Still, if this is the solution it's unacceptable. Why has this behaviour suddenly changed?

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.