Kaseya Community

Multiple machines showing old Database Definition dates in the KAV module

  • So... after opening ticket #113407 with support last week and not hearing back yet, I thought I'd post this issue here and see if anyone had any ideas.

    I have multiple machines showing old definition dates in the KAV module (Kaspersky 10). Upon logging into the devices, the definition dates are current.

    I used https://helpdesk.kaseya.com/entries/91525667-KAV-KAM-shows-defintion-out-of-date-in-kaseya-vsa-whereas-on-the-endpoint-kaspersky-and-malwarebytes to troubleshoot and found that...

    Files are being generated and uploaded from the endpoint.
    the kes.service queue on the Kaseya IIS server is clear
    files are being processed from C:\Kaseya\UserProfiles\@MsgQueIn however there are 8758 old entries dating back a year in here. could it be possible, there is an old message stuck from specific endpoints and it is therefor not accepting new messages for these endpoints only? is it safe to clear this folder? I do see some new items coming into this location and being removed after a bit. So it is processing some items

    VSA is currently at 9.1.0.14

  • Hey  

    It looks like you have received more information on this reviewing the ticket.

    Additionally, I believe the following thread addresses the same issue you are seeing with KAV Definitions:

    http://community.kaseya.com/xsp/f/142/t/21503.aspx

    9.1.0.15 was just released, which does indicate it has a fix for this issue:

    • Fixed a mismatch between the Antivirus Definition File Update date and the Update date reported by the Kaspersky client on the endpoint, resulting in an out-of-date condition being misreported. (IP-1209/PROTECT-229)

    In regards to the MSMQ issue, this is also brought up in another thread:

    http://community.kaseya.com/xsp/f/142/t/21639.aspx?pi5364=1

    If you still have any questions or concerns on both of these issues, feel free to let us know.