Kaseya Community

KAV 6.0 Engine Really Broke

  • We did the KAV update last week, but only updated one client last night. DON'T upgrade!

    We spent the entire morning trying to undo the KAV screwups.  The 6.0 Engine (updating the client from the Kaspersky 2010) generate MANY false positives on line of business applications. 


    AutoCAD 2009

    Kaseya itself

    Scriptlogic

    Bluebeam

    They is no way to undo the damage from the console, no way to turn off alerts about modules being not enabled (we don't want the Mail scanning), no way to clear detections in the dashboard, no way to sort based on Date (really dumb). Scanning of Network drives is enabled by default. There are popups about Registry access now that were not there.

    The list goes on, this is a HUGE step backwards in management. KES was far better (but KES 9 is not catching intrusions)

     

  • I can't wait for the response from K on this one. That doesn't sound very pleasant.

  • It was not a pleasant morning. And Support made some lame response about setting Network Exclusions, well than means entering all letters form E to Z plus the UNC patch to every server on their network. Rather than being able to check one single box!

  • community.kaseya.com/.../14667.aspx - workaround for the network scanning part

  • Does disabling the "Proactive Defense" feature in the KAV profile help? We have a profile called this which we put most of our clients on simply because of the pop-ups and prompts.

    We also work out major line of business applications and add them to the trusted apps but we never add a UNC path so I am suprised if just turning off proactive defense doesnt help.

  • It is always good to create pofiles and set exclusion. If partitions being scanned on file server then UNC path of file server does not required to be scanned from all machines in the LAN. It is just as good as killing file server.

  • Turning off Proactive Defense helped us eliminate the pops ups but then you get the flags within KAV that you are not being protected and the users can turn it back on.

  • In the older KAV yes, but in KAV 1.3 it doesnt show up like that for me and also the users cannot change it without entering the password.

  • Right, they cannot turn it back on but it still shows "Your computer security is at risk Fix!" and then asks for the password. Bottom line is that I still get calls about the warning and the customer's perception is that we aren't doing our job well.

  • Totally agree with you, this should be fixed and we need better management... But all I am saying is that under KAV 1.3 my clients arent getting the message "your computer security is at risk, Fix!" when proactive is turned off.

  • Unfortunetly, I read this too late and tried the 1.3 upgrade, where 1.2 was working. BAD IDEA. A refund is now a thought.

  • Definately don't upgrade. It broke 150 w/s on our side and screwed up another 20 machines (network completely broken)

    Support can't seem to resolve this. Have ticket open since 8am this morning and still not resolved.

    Logged into some machines and  found KAV running ok, but Kaseya thinks the install failed. Some machines are running AVG & KAV together....the list goes on

  • Yeah, I discovered KAV 1.3 was detecting files in the IT Service Desk as viruses and deleting them (not guaranteeing them). KAV 1.3 also detects the KAM installer as a potential threat and prompts the user to accept or block the attempt.  Once again it appears KAV was developed in a vacuum and then not tested outside of a lab.

  • It seems that disabling

    - Proactive Anti-Virus

    - Access Control

    - Anti-Spam

    Wont cause alert, but disabling some of the rest will cause "Your computer security is at risk". Proactive Anti-Virus has been the trouble for me, otherwise been able to play with exclusion lists.