Jump to content
Kaspersky Support Forum

Kaspersky flooding clients with MSI files

regans83
 Share

Recommended Posts

regans83

regans83

Posted
  • Author
Posted

We are using Kaspersky Security Center 10 which is flooding our client machines with .MSI files to the C:\Windows\Installer location.

As most will know its a big no no to clear this location but we are having no choice as for some unknown reason Kaspersky is constantly pushing these database update files to machines, these are filling the hard drive and can consist of 170GB of space in some instances, please can someone advise why this is happening so I can resolve the route cause issue.

Link to comment
Share on other sites
tnecnib

tnecnib

Posted
Posted

Hi,

 

We also encounter this issue to one of our customer. We did try to reinstall the antivirus but problem still persists. Do we have solution regarding these issue? What logs do we need to provide. 

TIA,

 

Hello!

Please describe your problem in more details. 

Thank you!

Hi,

 

the msi files has been created in the folder C://windows/installer. Unfortunately it floods the folder and it consumes a lot of resources. 

do we have solution regarding the issue.

 

-TIA

Link to comment
Share on other sites
lcgmurray

lcgmurray

Posted
Posted

We have a similar issue on at least server. We have 1,185 instances of the same 80MB database update file. The file date for each is 08/27/2019  and this correlates to when the logical drive capacity started it march towards zero. I have had to extend the drive to free up additional space as I am reluctant to start sniping files from this directory. 

 

KES for Windows: 11.1.0.15919 AES56

DB Release: 10/30/2019 12:47 AM

Server: 2019 b17763

 

 

Link to comment
Share on other sites
lcgmurray

lcgmurray

Posted
Posted

Have an update:

 

After some investigation we found that Windows Defender had been reenabled on the system (maybe through MS update – not sure). Since Windows Defender is  incompatible with KSM we believe it was causing the auto update to fail. Unfortunately, the update engine still requested an update file every hour (at 80MB a piece) so the erosion of drive space was pronounced (took about a month to drive it to almost 0).

 

To remedy, we disabled Windows Defender, manually applied the update, and are no longer seeing the update payload spooled down. We inventoried all files in the install directory with the files signature of the failed updated and moved them off box for eventual deletion.

 

Not sure if this applies to anyone else reporting issue but may be worth a look. 

Link to comment
Share on other sites
tnecnib

tnecnib

Posted
Posted

Have an update:

 

After some investigation we found that Windows Defender had been reenabled on the system (maybe through MS update – not sure). Since Windows Defender is  incompatible with KSM we believe it was causing the auto update to fail. Unfortunately, the update engine still requested an update file every hour (at 80MB a piece) so the erosion of drive space was pronounced (took about a month to drive it to almost 0).

 

To remedy, we disabled Windows Defender, manually applied the update, and are no longer seeing the update payload spooled down. We inventoried all files in the install directory with the files signature of the failed updated and moved them off box for eventual deletion.

 

Not sure if this applies to anyone else reporting issue but may be worth a look. 

Hi Icgmurray,

 

Thanks for the update. 

Link to comment
Share on other sites
  • 1 month later...
tmike11

tmike11

Posted
Posted

I have two windows 2019 servers also being flooded by these files in the hidden directory in the windows\installer directory, each one is about 80 megs and eats up disk space super fast.  I deleted about 300 of them and then the next day 180 were back!  Defender was running on both servers so I just disabled it and will see if that helps!

Link to comment
Share on other sites
  • 2 weeks later...
Remko

Remko

Posted
Posted

We have  a similar problem. Prior to the holidays (X-Mas and Happy New Year) we updated the Kasperksy client on all machines. 

Now it appears that this problem occurs on computers which have not restarted. 

They appear Yellow in de KSC and are pending reboot. For some reason, people are not willing to reboot a machine. As long as the machine is not rebooted, the c:\windows\installer folder is flooded with these 80 MB files. 

In some case this now adds up to over 100 GB per machine. 

 

We are now looking for a solution to correct this and cleanup all the orphaned Files. 

 

This is potential a huge problem as all our hardrives are filling up rapidly on our workstations. 

 

 

Link to comment
Share on other sites
Remko

Remko

Posted
Posted

We were upgrading from 11.0.1.90 to version 11.1.1.126.

I also escalated the problem to Kasperksy Suppport. They send me a personal fix last thursday but I need to figure out how to implement this. There is no documentation associated with it. 

Link to comment
Share on other sites
  • 3 months later...
Cross

Cross

Posted
Posted

Have an update:

 

After some investigation we found that Windows Defender had been reenabled on the system (maybe through MS update – not sure). Since Windows Defender is  incompatible with KSM we believe it was causing the auto update to fail. Unfortunately, the update engine still requested an update file every hour (at 80MB a piece) so the erosion of drive space was pronounced (took about a month to drive it to almost 0).

 

To remedy, we disabled Windows Defender, manually applied the update, and are no longer seeing the update payload spooled down. We inventoried all files in the install directory with the files signature of the failed updated and moved them off box for eventual deletion.

 

Not sure if this applies to anyone else reporting issue but may be worth a look. 


Hi Icgmurray, one of our clients are receiving the same issue as above. We have asked them to disable win defender aswell. Is there a restart or other steps involved in disabling win def?

Link to comment
Share on other sites
  • 2 months later...
Cross

Cross

Posted
Posted

Hello!

We have the same problem under Windows Server 2019, KSC 12 and KES 11.3. But the Windows Defender is already turned off.

Are there any other solutions?

 

Thanks a lot.

 

Hi there,

 

I know there is a new version KSC 12.1 and KES 11.4, however I experienced this in 11.0 so I am not sure if it is fixed in latest.


Try uninstalling KES and installing KS 10 for Windows Server.

I see this more as a workaround than a solution, but test and see if it works. Worked for one of our clients.

Apologies, for not giving feedback sooner.

Link to comment
Share on other sites
  • 1 month later...

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...