Kaseya Community

AV Database Date - Out of date

  • We seem to have good number machines that report out of date defs.  Is there a way to have Kaseya reach out again to verify the currently running definition either through a script or agent procedure?

    What I've tried that doesn't seem to make a different-

    Restarted the Kaseya service

    Ran the avp.com update via live connect command prompt, reports up to date

    Ran a latest audit

    Ran an update from the KAV console


    Any tips, I can't be the only one that's having this issue.  =)

  • You're not the only one.

    We're facing the same problem which costs us a lot of time.

    We've opened a ticket, july 18th, the problem is escalated to the engineering team but until now no solution.

    For the time being a, automated, workaround should be nice.

  • KAV.zip

    I got this back from Kaseya today.

    Thank you for contacting Kaseya Support. I will be glad to assist you.

    There is a known issue in which Kaspersky does not properly register the default password "KaseyaUninstall" to the registry. This has been reported to Kaspersky. For now a workaround has been written. Please use the following two scripts. The first one will add the missing key to the registry AND will also reboot the machine. After, please run the second procedure which will revalidate the license. This should resolve the issue.

    Thank you. Please let me know if there is any further issues.

    Regards,

    Gonzalo, Kaseya Support

  • Those are great to have, was your issue specific to licensing reporting out of date or was it related to the definitions?

  • The definitions would not update because there was no license for Kaspersky on those machines.

  • Additional information:

    Endpoints are up-to-date but KAV GUI in VSA shows incorrect information.

    Endpoints are licensed.

  • In the last 40 days I've had 14,500 emails about KAV being out of date for 250 KAV installations

  • Rename the procedure that has 'KaseyaUninstall' in quotes (remove the quotes in the filename) or it has an error during import.

  • Will that has been my experience as well with what seems like 30% of them, console reports out of date but when I get on the machine it shows as current.

  • Hello all,

    we have the same problem since months and are waiting for a solution from Kaseya/Kaspersky. The default password on the clients seems to be correct, because we can reconfigure locally the config.

    Are there more companies with the same problem?

  • I too get a lot of email alerts for the AV alerts. I don't see where you can control the alerting frequency. It appears to alert every hour...

  • I assume the commands from the KAV module are not functioning on the endpoint?

  • Although this doesn't cover all other issues in our deployments with KAV this issue was present in many of our 6 -> 10 upgrades sitting as a time bomb.

    After the default interval of the first licenses that gets applied when it's upgrade things start failing because the endpoint will become unlicensed.  The reason it becomes unlicensed is these registry items do not have a value (Wow64 depending on if the machine is 64bit) which means KAV api can't call back to update it's license file.  Here are the keys :

    HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\KES10\settings\OPEP

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\protected\KES10\settings\OPEP

  • @bctirado, isn't this what is resolved using the procedures posted earlier in this thread?

  • So far me the Procedure Refresh seemed to have inconsistent results.  You're right the other procedure does check those registry locations, I had forgotten that it was in there.

    I wanted to know which of my machines had this problem so I created an agent procedure that checks those keys and writes a note to a custom text which then you can base a filter off of.

    You can also add to your agent procedure to pull the new license file down and then remove the bad license, apply the new license, and update.

    I've only found this registry issue to be on upgrades from 6 -> 10 of KAV which for us was hundreds of endpoints.