Stephen B
-
Posts
23 -
Joined
-
Last visited
Never
Posts posted by Stephen B
-
-
Could you please create incident in CompanyAccount and provide us a number. Thank you!
Thanks INC000010637336 -
The issue is as per described in the posts above. The instillation of the latest version of the network agent is failing and reporting that it is due to a lack of disk space. The item has been described in detail above. There is no shortage of disk space. The removal tool DOES NOT WORK WHEN THERE IS NOTHING INSTALLED. I am not having issues removing an old version. The issue is with installing a new version. If I go to an older version it will install and work fine. I can also uninstall the old version. The issue is only with the new version.
-
Hi Guys. As per above the item marked as "Best answer" is not an answer as the removal tool provided does not have an option to remove the network agent. How do I get help?
-
Hi, Please run kavremover with "-nodetect" key and specify Network Agent version manually. Please let us know about result.
Please note that this is not the answer. I am not sure how to remove the incorrect selection that indicates that it is the answer. -
Note that I did not like having an active server with no antivirus installed, so I went to an old installer with Network Agent 10.5.1781 and Kaspersky 10.1.1.746. This installed without error. Something in the disk space checking on the newer version?
-
Hi, Please run kavremover with "-nodetect" key and specify Network Agent version manually. Please let us know about result.
Could you please have a look at kavremover and tell me which item I should be selecting? I can not see any items in the list that detail or are similar to Network Agent. -
Thanks you for the information. I ran the Kavremover tool as requested on the main server (the one I have access to reboot during the day). I did not see any option in this tool to remove the Network Agent, which is the item failing on this server, It fails on the network agent and then does not proceed to the installation of the main application. I did select the Kasp Endpoint Security (in the Kavremover tool) and rebooted as requested by the software. This did not make any difference and the software still refuses to install at the Network Agent.Interestingly we started to work on another server and had the same error, but this time on the Kaspersky Endpoint for Windows (11.1.0) (11.1.0.15919) and not the network agent. What we have found so far is that all servers seeing this error have dynamicly expanding disks and run on a Hyper-V 2012 R2 host. We will be updating our hosts to 2019 in the next 3 months but I am not sure I can go three months without AV on these servers. GSI of this second server is attached.
Hello! First of all you need to check if the Windows has some fragments of the previous KES installation. Please use KavremoverThe error that we seen in the logs is "Application: Kaspersky Endpoint Security for Windows -- The installed AES-56 encryption libraries do not correspond to the AES-256 encryption libraries in this package." Also check the type of encryption of installing package, Thank you! -
Any assistance on this one? We know the servers have more than enough disk space so I am not sure what else to do other than roll back to an older version.
-
Interestingly we started to work on another server and had the same error, but this time on the Kaspersky Endpoint for Windows (11.1.0) (11.1.0.15919) and not the network agent.
What we have found so far is that all servers seeing this error have dynamicly expanding disks and run on a Hyper-V 2012 R2 host. We will be updating our hosts to 2019 in the next 3 months but I am not sure I can go three months without AV on these servers.
GSI of this second server is attached.
-
Thanks for your assistance on this matter. That worked well
-
Since upgrading to 10.1.2.996 with network agent 11.0.0.1131 we are getting several servers reporting that "Protection is disabled" When I try to start the protect
I can not seem to turn on the protection or work out why it is disabled. This server is a 2012 R2 as are the other servers where I am seeing the same issue. A GSI is attached. When I look at the Admin server it shows the following
Internal task error occurred. Error code: 0x0007. Subsystem code: 0x6 (WP). For more details go to the Kaspersky Lab Technical Support site: https://click.kaspersky.com/?hl=en-US&link=error&pid=wsee&version=10.1.0.0&error=B6X7X13X20X
The only reference I could find was that to the licence, so I deployed the licence file again which reported that it was successful, but this did not resolve the issue. It also reports that it has an active key
-
From what we know this event is just a warning from Microsoft for computers that are not on a UPS. Cache is not recommended in some circumstances. This is a VM on a host that has UPS protection, so there is no real risk. The server was a fresh build a few years ago (Server 2016) and has similar settings to other servers. One thing we did note is that this has a dynamically expanding disk, so the hard drive expands as required. Could the installer be reading this incorrectly and not allowing for it to be a dynamically expanding disk? Also, the temp file you have asked for is not on that server.
-
Sorry for the delay, we had issues in other areas. Please see attached GSI
-
So Google Drive is considered a Torrent. So under security controls > Web Control > add an allow rule for *.google.com/drive/*
-
I'm still looking, but this came up in the chrome logs The requested web page cannot be provided. Address: https://clients6.google.com/drive/v2b.... The web page has been blocked by the Block Bad Sites rule. Reason: the web resource belongs to the Torrents content category(-ies) and the Undetermined data type category(-ies). This web resource is prohibited at the company. If you consider the blocking to be mistaken or if you need to access this web resource, contact the administrator of the local corporate network (Request access). Message generated on: 25/06/2019 4:07:48 PM
-
Disabling Self Defence made no difference on my computer. Here is the trusted applications settings. The last two lines are for two possible versions of googleDriveFS.exe with version 31.0.19.0 being the one installed on my computer.
-
Hi Nikolay. That change did not assist. The same results on all computers we tested
-
-
I am running the GSI now and will upload it once done
-
We recently upgraded some computers from 11.0.1.90 and network agent 10.5.1781 to 11.1.0.15919 with network agent 11.0.0.1131 Since doing this we have found that Kasperky is blocking access to parts of Google Drive. We have not been able to work out how to stop this. We do not want to turn off scanning of Google Drive, but just allow the normal functionality. The top part of the image shows how Google Drive looks when Kaspersky is running. The second part shows how it looks when we disable Kaspersky. Note that the File upload and Folder upload are greyed out and the option of Docs, Sheets and Slides are missing when Kaspersky is enabled.
Running Windows 10 1803 and we have tried this on a couple of computers.
-
I have managed to get around it on one server by deploying the application in stead of doing a manual install. I will try the other servers tonight when the office is closed down
-
We are trying to install Network Agent 11.0.0.1131 and Kasp Endpoint 11.1.0.15919. Several servers are reporting errors with the Network Agent on some systems:- Setup process error: 1603 (General Windows Installer engine error. Increase DiskSpace requirements in Setup.ini and try again.) Installing on Windows Server 2019 version 1809 Server has 298Gig C Drive with with 279Gig free, so space is not an issue. I have tried logging in with my account and with the admin account and get the same result. It's not happening to all servers/computers. Only about 20% of them. Any ideas?
Network Attack Detected
in Kaspersky Endpoint Security for Business
Posted
I am using 11.4.0.233 on some of our servers with agent 12.0.0.7734 and I am getting these reports from a single device. The item being identified is a UPS that is monitored. We added the IP Address to the “Exclusions” but the reports still come through. We could change it to “Do not track MAC spoofing attacks” but I don’t think that is the safest thing to do. The preference would be for the Exclusion to work.
Any ideas?
Event "Network attack detected" occurred on device MILESTONEE1 in Windows domain ##### on Tuesday, 14 July 2020 11:30:56 AM (GMT+10:00)
Event type: Network attack detected
Application: Kaspersky Endpoint Security for Windows
Application\Path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\
User: NT AUTHORITY\SYSTEM (System user)
Component: Network Threat Protection
Result\Description: Allowed
Object: ARP from unexpected source
Object\Type: Network packet
Object\Name: ARP from unexpected source
Object\Additional:
Suspicious: 14/07/2020 11:30:56 AM: 00-20-85-DF-19-CE -> 172.17.2.44