cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4661
Views
5
Helpful
3
Replies

AMP for Endpoints (windows) vs Kaspersky Endpoint Security 11 update

mrichard
Level 1
Level 1

We're starting the deployment of AMP4E on the Windows 10 workstations, so far so good until a helpdesk tech tried to push a Kasperky update on a PC with AMP. It failed with:

 


Kaspersky Endpoint Security 11 for Windows (Strong encryption) (11.1.1.126): Remote installation has been completed with an error on this device: Fatal error during installation. (Kaspersky Endpoint Security for Windows Setup cannot be performed because a third-party application is already installed on the computer: ClamAV 1.0.26 / gredAV. To install Kaspersky Endpoint Security for Windows on this computer, please remove the third-party application by using the standard Microsoft Windows tools or by other methods.)

Kaspersky is mainly used as a package manager to push software, not so much as a whole security suite, but this is annoying. I have no idea why it'd come back with "uninstall ClamAV before continuing as this is certainly a false positive... (even if I know ClamAV can be used by AMP on Mac and Linux, I'd bet it's not the 1.0.26 version that dates back to 2010..!)
 
Just wondering if anyone had hit anything similar and found an easy solution to make them play nice ? KLabs support is rather dismissive and saying to manually uninstall/upgrade/reinstall which is not a scalable solution really...
 
Thanks for any tips !

 


3 Replies 3

We have had several similar issues with proprietary software, where we need to exclude these programs and files from being scanned to make them work.

--
Please remember to select a correct answer and rate helpful posts

jesutorr@cisco.com
Cisco Employee
Cisco Employee

Hi, 

 

My name is Uri, and regarding your inquiry, you need to make sure that the Karpesky and AMP are not fighting each other. 

In AMP you can use a Cisco Maintained Exclusion (CME) for Kaspersky. 

Screen Shot 2020-02-24 at 2.36.46 PM.png

Also from Kaspersky, you need to exclude AMP in Kaspersky, to do that you can follow the AMP user guide to know what you need to exclude. 

https://docs.amp.cisco.com/en/A4E/AMP%20for%20Endpoints%20User%20Guide.pdf Page 46.

 

After that you, both AVs will be working together :)

 

 

alshab103
Level 1
Level 1

Hi, 

 I have the same problem. In my company They were used cisco AMP a while. The version is 7.1.5. When we decided to go with Kaspersky endpoint security. The installation was blocked by Fatal error during installation. (Kaspersky Endpoint Security for Windows Setup cannot be performed because a third-party application is already installed on the computer: ClamAV 1.0.26 / gredAV. To install Kaspersky Endpoint Security for Windows on this computer, please remove the third-party application by using the standard Microsoft Windows tools or by other methods.) When I investigate this issue my findings are, 1 . The above stated issues have found the machines with windows 10 2040h or later edition.  Which is not compatible with amp 7.1.5 edition. When the machines having cisco amp installed is upgraded to 2040h or later versions cisco amp no more listed in windows installed programs list. But the files were in program files, app data folder of users, programdata and also in registries. When we use revu uninstaller program. And manually search and removed all files. Even after we cannot install Kaspersky. The above stated message came again. I can't resolve the issue till now. Dear cisco please do post some resolution.