Forum Discussion

crcurran's avatar
crcurran
Active Contributor
7 years ago

'Kaspersky Software Updater' keeps installing, but I got rid of Kaspersky AV

I kept finding it on workstations here and there.  I would uninstall thinking I missed it, but I continued to find it.  I thought maybe there was a remaining workstation acting as a repository and installing the Updater, or a Windows DC Server GPO installing silently.  Never could find workstations nor any GPOs. 

 

I spent hours looking around on the Internet to solve this problem.  I finally found it Logmein without telling me when I turned 3rd party application updates that they would be silently installing Kaspersky Russian Software.  You know, the Russians, who all 17 Intelligence agencies in the US say is hacking our elections and numerous other infrastructure systems in our country and most of the rest of the World.

 

Russia is untrustworthy.   Plenty of information to chew about that:  https://www.google.com/search?q=ties+between+Kaspersky+and+russia&rlz=1C1GGRV_enUS787US787&oq=ties+between+Kaspersky+and+russia&aqs=chrome..69i57.6067j0j7&sourceid=chrome&ie=UTF-8

 

This isn't acceptable not being notified the technology being used for 3rd Party application updater.

 

  • GlennD's avatar
    GlennD
    7 years ago

    Hi crcurran,

     

    I understand your concern and would like to reassure you and all of our Central customers, that we closely monitor and review all 3rd party software that we use.  Disabling the Automatic Updates feature will result in the software being removed but, there is also a One2Many script that you can run. I have shared your feedback with the product team.

     

  • A_User_Of_LMIC's avatar
    A_User_Of_LMIC
    New Member
    6 years ago

    Agreed x 1000

     

    "Application updater" is dangerously misleading.  Particularly in the context of the customers you are targeting.

     

    We are not the people you want to be hiding things from.

     

    "INSTALL KASPERSKY APPLICATION UPDATER AGENT" would be a meaningful radio button.  Clear intent, no surprises.

     

    Giving us all heart attacks when the A/V starts sending alerts about silent background installs of Kaspersky that we didn't buy and didn't authorize...that is a strange choice for a company looking to build a loyal and long-term customer base among industry professionals.


    Cut it out.

    • PaulMcCormack's avatar
      PaulMcCormack
      New Contributor
      3 years ago

      As I type, Russian troops are in Ukraine, shelling Kyiv.  Any update from Logmein?

  • rjp-sh's avatar
    rjp-sh
    Active Contributor
    8 years ago

    On many of my users I have recently noticed that 'Kaspersky Software Updater' was installed around the last week of August. As my users do not have permissions to install software and because most of them have this it I can only assume that with the latest LogMeIn updates that this software was installed by them.  With the controversy surrounding Kaspersky it seems this is a bad move on LogMeIn's part - to auto install controversial software on customers machines with no warning or notification. 

     

    If people would like to opt-in to this service that seems fine - but to automatically take this step it seems to be a breach of trust on LogMeIn's part.  Is there a way to opt out of this service and remove this software from the LMI Central Control Panel?

     

    • vinemt's avatar
      vinemt
      Active Contributor
      8 years ago

      It looks like LogMeIn autoinstalled Kaspersky Software Updater without asking. Additionally, it was installed in an insecure manner introducing a vulnerability on every machine on my network. It installed the KSU service and gave "Everyone" control over the service therefore unprivileged users can modify the properties of this service, allowing an unprivileged, local attacker to execute arbitrary code or commands as SYSTEM.

       

      https://support.microsoft.com/en-us/help/914392/best-practices-and-guidance-for-writers-of-service-discretionary-acces

       

      https://msdn.microsoft.com/en-us/library/ms685981(VS.85).aspx

       

      This is Unacceptable. Additionally, there doesn't seem to be a silent uninstaller, which means every system must be visited.

       

      LogMeIn - where do you get off autoinstalling Kaspersky software onto our machines?

      • vinemt's avatar
        vinemt
        Active Contributor
        8 years ago

        Silent uninstall string is

        msiexec.exe /x{DEEDA858-A9B4-4212-8873-2F2CE2706E68} /qb

         

        It may be part of their new 3rd party software updater system, so if you use that check for further guidance. We don't.

        I'll post back if the software recurs after this removal.

         

        Edit 10/27/17 - So far, no recurrance of the installs.

    • BangHeadHere's avatar
      BangHeadHere
      New Member
      8 years ago

      last week LMI "somehow" installed Kaspersky on hundreds of our company computers and uninstalled the Anti-Virus that we were running already

      • Vitor_M's avatar
        Vitor_M
        Retired GoTo Contributor
        8 years ago

        Hello,

         

        The Kaspersky software updater should only be installed if you opt a computer to be part of the Applications feature. ( in your Central console, under application you need to set a computer to be either Automatically update or Manually update) if neither of those are checked the program does not get installed. 

         

        BangHeadHere the Kaspersky Endpoint Protection software will attempt to uninstall any local av's it finds, but again the admin needs to choose to push the KES to the users. 

         

        Best,

         

        Vitor 

    • d9oo's avatar
      d9oo
      Visitor
      5 years ago

      I just discovered that it is still happening. A brand new computer just rolled out a month ago that never had Kaspersky on it,  now does. The user would have not installed the Kaspersky Software updater - it could have only come from Logmein Central. This is very concerning.

      • JCAlexandres's avatar
        JCAlexandres
        New Contributor
        5 years ago

        Talking to LogMeIn tech support, the engineer said they are not installing the Kaspersky Updater, he sia dhe is 100% positive sure LogMeIn anti-virus doesn't use the Kaspersky Updater.

  • GlennD's avatar
    GlennD
    GoTo Manager
    7 years ago

    Hi crcurran,

     

    I understand your concern and would like to reassure you and all of our Central customers, that we closely monitor and review all 3rd party software that we use.  Disabling the Automatic Updates feature will result in the software being removed but, there is also a One2Many script that you can run. I have shared your feedback with the product team.

     

    • crcurran's avatar
      crcurran
      Active Contributor
      7 years ago

      My DDQ efforts for compliance just took a sucker punch to the gut because of your lack of transparency.

       

      Cut ties with Kaspersky or I predict you will be taking an even bigger PR hit. Take that message to your Board of Directors not just the Product Team. 

       

      If I don't see enough movement on correcting this, I will be trumpeting it from the mountaintops come next Winter. That disclosure of my intent is my transparency.

       

    • Rishipreetam's avatar
      Rishipreetam
      Visitor
      10 months ago

      Any update regarding the application updates? still LogMeIn using Kaspersky?