[KES for MAC: time machine infected objects]

Hi,

Several KES for MAC are reporting infected objects within the Time Machine folder. Are they false positives? Please look at attached images.

Can I exclude Time Machine folders from the scans? I mean from the KSC policy.

[Abort restart after KES uninstallation task]

The kaspersky-reboot is controlled by its own process - i.e. h. not triggered by shutdown-command.

As far as I know, it's this process:

%ProgramFiles(x86)%\Kaspersky Lab\NetworkAgent\klrbtagt.exe
(Kaspersky Security Center Reboot Agent )

 

I never tried to stop the reboot - maybe just killing the mentioned process is useful?
However, I would not recommend intervening in this process

Regards
Alex

 

Thanks Alex.

The problem was a manager laptop countdown was almost completed and he was in a call… big problem… because he didn’t restarted the laptop before!

[Abort restart after KES uninstallation task]

Hi,

I configured KES 11.2 (KSC 12) uninstallation task with 90 minutes for computer restart.

Is there a way to stop this planned restart?

I tried with shutdown -a \\hostname (with domain admin privileges) but I received an error.

Cheers,

[KSC wrong MAC hostname resolution]

How is possible that the MAC IP is properly recorded and tasks search the other IP???

There is a way to force DNS update to KSC?

 

 

[KSC wrong MAC hostname resolution]

Then it should work with the IP address:
 

Regards
Alex

 

Hi Alexacad,

Thanks, I already tried it but all tasks fail. I also configured IP range polling with VPN addresses, found the MAC, added it to the MACs group but tasks fail and I can’t see installed KES and NetAgent…. 

It's really frustrating!

 

The first is the VPN IP, the second the hostname and the other another MAC.

 

[KSC wrong MAC hostname resolution]

Hi,

I’ve added again a MAC to our MAC-clients group and manually installed on it latest NetAgent and KES for MAC.

KSC isn’t able to reach the MAC, ping from server to MAC works fine but if I launch a task there is a wrong hostname resolution to a different IP address. MAC is remotely connected to the VPN and KSC resolve the hostname to a different IP related to the office network.

I deleted and updated host’s DNS entries and ping or tracert from server or KSC custom tools are working fine but the problem remains. I can’t see MAC status and every task fails.

 

KSC 11.0.0.11.31 patch B

NetAgent 12.0.0.35

KES 11.0.1.753

 

 

[connection to the administration server has failed for this reason]

Try with the app Kaspersky Security Center 11 Remote Diagnostics Utility and if it fail open a ticket to the company support

[Visiting a domain with an untrusted certificate]

Sorry, my mistake.

Trusted Adresses is correct, you can add IP´s or Domain Names there.

You can find it under General Settings → Network Settings.

I´m using a german interface, so i cannot give you the correct english name.

 

 

I already found it and added the IP address, now the hostname but I’m unable to properly open vSphere. Now it’s a Chrome issue not KES.

 

XXXXXXXXXX normally uses encryption to protect your information. When Google Chrome tried to connect to XXXXXXXXXX this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be XXXXXXXXXX, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.

You cannot visit XXXXXXXXXX right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.

[Visiting a domain with an untrusted certificate]

From Kaspersky Security Center, open your policy and go to General Settings> Network Settings> “Trusted Domains” button.

 

I don’t have it

 

[Visiting a domain with an untrusted certificate]

Hi,

we had the same problem with KES 11.2.

The “Trusted Domains” did not work with this release.

You can do an Upgrade to 11.3 / 11.4 then it will also work with IP Adresses.

 

Best regards

Sebastian

 

Where are Trusted Domains?

I only found Trusted Addresses or Applications.

[KES v11.3 is compatible with KSC v11?]

Hi,

Perhaps can work, but if you have problems, etc..., then the answer will be KSC v11 is not supported for this KES version.

Is your decision. My personal recomendation is update to KSC v12.

Regards

I read a lot of issues with KSC12, have you detected them?

[KES v11.3 is compatible with KSC v11?]

I hate this way to force users to update KSC!

I didn’t noticed it and we’re using KES13 with KSC11 without evident issues… I hope we won’t face compatibility issues

[MAC NetAgent 12.0.0.35 KES 11.0.1.753 and KSC11 B]

Thank you Caos

[KES v11.3 is compatible with KSC v11?]

Thanks for the news. Is 11.3 compatible with KSC11? I’m using it without issues

[MAC NetAgent 12.0.0.35 KES 11.0.1.753 and KSC11 B]

Hi,

Are latest NetAgent for MAC 12.0.0.35 and KES 11.0.1.753 fully compatible with KSC 11.0.0.31 B?

 

[KES 11.2.0.2254 always shows restart is required after CF1]

 identical problem for two of my clients around 600 workstations total since maj 11.2 each time windows tuesday was updated. two restart required one for maj windows the other for kaspersky this becomes painful I just went to 11.3 I am waiting to see if the problem has been solved.

 

I am amazed that there is little back on this problem.

 

I absolutely agree with you, too few answers, if you don’t solve it open a ticket on the company account page.

https://companyaccount.kaspersky.com/account/login

[KES 11.2.0.2254 always shows restart is required after CF1]

It happened on all KES 11.2.0.2254 that received CF1

[KES 11.2.0.2254 always shows restart is required after CF1]

same issue. had to restart several times in order to get rid of this message.

 

Yes, after a lot of restarts seems to be solved!

[KES 11.2.0.2254 always shows restart is required after CF1]

Hi,

Could you please provide us with GSI log from one of affeected host?

Thank you!

 

Hi Nikolay, what emerged from the analysis of the GSI log?

Please let me know.

[Visiting a domain with an untrusted certificate]

Unchech the “Scan encrypted connections” checkbox

 

 

I have the same issue with our vSphere, could you tell me how to permanently solve this issue?

[KES 11.2.0.2254 always shows restart is required after CF1]

This is GSI log, thank you.

[KES 11.2.0 for Windows (version 11.2.0.2254): Critical Fix 1]

Ciao a tutti.

Ho approvato il CF1 e adesso tutti i relativi client rimangono sempre con la richiesta di riavvio anche a distanza di una settimana e con dozzine di riavvii.

Qui c’è il mio post. Come si può risolvere?

https://community.kaspersky.com/kaspersky-corporate-products-27/kes-11-2-0-2254-always-shows-restart-is-required-after-cf1-7638 

[KES 11.2.0.2254 always shows restart is required after CF1]

Hi.

I have this problem with all KES 11.2.0.2254, it happened after patch CF1 so please let me know how  to solve it. It’s not a normal behavior, it shouldn’t happens.

I’ve performed a lot of restart without resolve it.

 

 

[Remotely remove KES for Windows license]

Hi,

To remove a license from KES remotely, you have to delete a host from it`s group and then delete it from “Unassigned computers”.

 

Right, this is the proper way, I forgot it. Thank you Nikolay and have a happy Christmas.

[Remotely remove KES for Windows license]

Why not just deploy a new license that replaces the old one?

I don’t think you can remove the license from KSC. But you can do it on the endpoint in KES interface.

 

Because for the moment I don’t have available licenses and I would remove the license from a laptop and I have to do it remotely.