Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
mbaerwolff
Participant

Problems after Update to DHS Compliant Version

Since the update of the Anti-Malware Engine, we have had massive problems with various programs. In some cases, .exe files that previously worked without any problems are moved to quarantine. However, this does not affect all clients. The exceptions that we define do not have the desired effect.
Do any of you have the same effects or possible recommended settings?

18 Replies
G_W_Albrecht
Legend Legend
Legend

Have you opened an SR# with CP TAC already ? If exceptions do not work this should be the first step.

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
0 Kudos
mbaerwolff
Participant

Yes, I have opened a case, but the first recommandation was to deactivate the security settings at the policy. 

0 Kudos
the_rock
Legend
Legend

I saw someone mention they had issue with forensic service confuming high CPU, but yes, I would definitely contact TAC about the issue.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Sorry, but this is off topic - the issue is with non-Kaspersky  AV/AM engine, not forensics....

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
0 Kudos
the_rock
Legend
Legend

Not really off topic, as issue happened AFTER update to DHS compliant version...

0 Kudos
G_W_Albrecht
Legend Legend
Legend

You did not write that...

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
0 Kudos
the_rock
Legend
Legend

Haha...never mind mate, I was more referring to an issue with DHS compliant version.

Cheers,

Andy

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Forensics is the reason for 80% of our customers EPS tickets with CP...

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
0 Kudos
the_rock
Legend
Legend

My colleague was telling me it happened with only 3 users so far out of 300+, so its not that bad at all, thats 1%. 

0 Kudos
JonnyRabinowitz
Employee
Employee

If you look at under "Logs" tab for the forensic log entries for these detections, what is in the "Protection Type" field? 

Want to confirm specifically what is making the detections

0 Kudos
mbaerwolff
Participant

For one application I see URL Reputation - Forensics. However, the log message goes on to say which applications have been moved to quarantine.
No log entries are created for other applications although the program freezes and crashes.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

One of our partners customer also is experiencing this issue - RDS server after upgrade to DoC compliant version E88.32 has EPS client crashing 32 times in 2 days !SR# is open with TAC now.

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
0 Kudos
the_rock
Legend
Legend

Ouch...mind sharing exact reason for the crash? MY colleague told me one of our customers also has same problem on few machines, but I did not inquire further.

Andy

0 Kudos
G_W_Albrecht
Legend Legend
Legend

The update did it - worked OK before. First solution attempt from TAC is to completely uninstall and re-install the client...

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
the_rock
Legend
Legend

Thats usually first step, sometimes it does work...

0 Kudos
Wolfgang
Authority
Authority

@G_W_Albrecht does uninstall and reinstall solved the problems  ? We are facing more and more problems with other customers after changing to DoC compliant version.

0 Kudos
the_rock
Legend
Legend

I will ask one of my colleagues about it as well.

Andy

0 Kudos
G_W_Albrecht
Legend Legend
Legend

I would appreciate if someone tries that ! The RDS with the issue is in production and has over 60 users, so any change is only hard to do and has to be allowed by the customer. I would appreciate if this could be replicated by CP in Lab ! Last solution attempt was to update BIOS and all driver on the server, which is hard to do in a Hyper-V VM 😎 So i have now escalated the case.

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events