Jump to content

MikeL

Members
  • Content Count

    175
  • Joined

  • Last visited

Everything posted by MikeL

  1. Which product would be the best protection for a Windows 2008 64-bit PDC server running Exchange 2007? Thanks
  2. When creating a policy to activate during a virus outbreak, do I leave the policy inactive or active? Thanks
  3. For instance, if you expand Administration Server (name), below you see "Groups". Within that "Groups" folder, you have sub-groups that are all managed by the "Groups" policies. It would be nice to be able to create another "Groups" to manage other sub-groups. This way you can have GroupsA with, let's say 3 sub-groups, all being managed by the inherited policies of from "GroupsA". Then you can create "GroupsB" with 3 more sub-groups all inheriting the "GroupsB" policies. I don't see an option for this right now, so if it is available, please let me know how to do it. Make sense? edit: Nevermind, i see where you're referring to. Under Groups, you have sub-groups. Within those subgroups you can create additional subgroups. Thanks Great to hear!
  4. Thanks, I'll check RtpState value next time it happens.
  5. No, this isn't a fresh install. It just did this out of the blue. I remotely connected to it with the Remote Diagnostics utility when this happened, and ran a trace on the antivirus and netagent. Both reported with a running status.
  6. Well actually the machine wasn't rebooted for a few hours, so I don't think this was the case. Like I said before, the machine reported to the Admin Kit as being visible and updated, it just wasn't showing the applications as "running".
  7. Yes, I attempted to synchronize the client and it reported as being visible. The Admin Kit is where the issue originated. It reported that the product on that workstation was not running, however it was running if I manually checked its services. It's since then been rebooted and now shows everything running, but that still leaves the question as to why it was reporting incorrectly in the first place. I've had an issue in the past where the Admin Kit would show a workstation as being offline, when in fact it wasn't. Any ideas on what would cause this? Thanks
  8. I have a workstation that shows up in Admin Kit as online, but reports the protection products are off. I remotely checked the services, and they are both running. Any ideas? klnagchk diagnostics report: Starting utility 'klnagchk'... Checking command line options...OK Initializing basic libraries...OK Current host is GROUP\WORKSTATION Reading the settings...OK Settings verification...OK Network Agent settings: Administration Server address: 'ip removed' Use SSL connection: 1 Numbers of the Administration server SSL ports: '13000' Numbers of the Administration server ports: '14000' Administration Server certificate: available Use proxy server: 0 Open UDP port: 1 Numbers of UDP ports: '15000' Synchronization period, min.: 15 Connection timeout, sec.: 30 Send/receive timeout, sec.: 180 Attempt to connect to the Administration server...OK Attempt to connect to the Network Agent...OK Administration Agent is running Receiving the Network Agent's statistical data...OK Network Agent's statistical data: Total number of synchronization requests: 18 The number of successful synchronization requests: 18 Total number of synchronizations: 4 The number of successful syncrhonizations: 4 Date/time of the last request for synchronization:6/16/2008 4:56:40 PM GMT (6/16/2008 11:56:40 AM) Deinitializing basic libraries...OK
  9. 1.) Self-Defense - ability to add exclusions/trusted apps to policy in AdminKit, similar to Trusted zone 2.) Self-Defense event messages - in addition to #1, show the actual process name and id rather than only the id, for adding to exclusions. 3.) Anti-Banner - Blacklist and Whitelist sites in policy from AdminKit 4.) AdminKit - ability to add additional 1st level groups for assigning single policy's to subgroups. 5.) AdminKit - ability to view which user is logged into the workstation. Symantec had this in their console, which made it easier to identify workstations. Will post more later if I think of any. Thanks
  10. Is it possible, without disabling Office Guard, to allow this computer to access this one file without it triggering this alert and blocking the macro? I already tried adding the object to the trusted zone, but got the same results. Thanks, Mike - Task : Proactive Defense Office Guard Detection of possibly infected object Severity: Critical Application: Kaspersky Anti-Virus 6.0 for Windows Workstations Version number: 6.0.3.837 Task name: Proactive Defense Office Guard Computer: WK1 Time: Tuesday, June 10, 2008 3:04:47 PM Description: Dangerous macro command in file C:\Data.mdb has been blocked.
  11. This seemed to do the trick. Thanks Damir!
  12. Damir, have you been able to look at the files I sent? Those files are still listed in the Backup with an action of Deleting. Is there any other way to delete these files from Backup? Thanks
  13. Damir, I sent you a PM. As for steps 1-3, the files didn't exist in the Backup of the local Workstation, so I couldn't try this. Thanks for the help
  14. Just a quick update on the matter, I rebooted the server this morning and it's still showing "deleting" for each of the items. Thanks Damir, I'll go through your list of items and post back with the results.
  15. Well I was hoping just Administrator privileges would be enough. The only way I've been successful so far is giving Domain Admins privileges. Thanks, Tybilly for the FAQ. What are the default privileges assigned when the account is created? Are they assigned to the user itself, or to the KLAdmins group? Thanks
  16. On a domain, what type of access is required for the account setup to deploy? Domain admins? Is there anyway for it to work with lesser privileges?
  17. Ahh yep, that could be the problem. I think I had changed this to Local System a while back. I'll set it back up to the configured account and see if it fixes it. Thanks
  18. Where can I change the default account used when deploying packages? Something must have changed, and the default gets an access denied. If I manually input an account, it works. Where can I fix this? Thanks, Mike
  19. Ok, after restarting all of the services relating to kaspersky server, it still shows the current action on each file as "deleting". Will I need to reboot the server for these files to finish deleting from backup? Thanks, Mike
  20. Tybilly, I've attempted both restarting the Admin Kit Console, and restarting the Kaspersky Admin Server service. Either one of these fixed the problem. Your correct, I'm attempting this from the backup storage of the Admin Server. I checked the workstation's backup storage, and nothing is listed. The "detected" tab shows all files deleted, so that's good. The only problem left is deleting them from the Storage/Backup on the Admin Server. I'll attempt to do the trace using the klacdtgui utility and afterwards try restarting the database and server services. Will post back with results.
  21. There are a few files in the backup storage from 2 months ago. I tried deleting them from backup, but all of the items are stuck with the action "deleting". They have been like this for hours now, and won't delete. Any pointers to get them removed? Admin Kit - 6.0.1591 Workstation - 6.0.3.837 Agent - 6.0.1591 Thanks, Mike
  22. Added this to the trusted zone, which seemed to do the trick. Thanks for the tip!
  23. Excellent utility! I'll give this a try next time this happens. Thanks
  24. Hey Tybilly, This doesn't happen too often, so it might be some time before I get to do this. When it does though, do I run this from the workstation or the server? Mike
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.