Kaspersky Updater Found On Multiple Pc's

Does anyone know how this Kaspersky Updater software is getting installed on my user's machines?
No. They did not install it. These are farmers. Corn growers. They just now learned to use the mouse.

Our folks are all using Avast/AVG CloudCare. It's gotten to the point that when I sit at a PC, I look for Kaspersky.

If anyone knows, thanks in advance.

 

Welcome to Major Geeks

We wouldn't know as we don't know anything about those multiple PCs, what Operating Systems they all run, whether they are linked with remote access, whether they are synced together.

 

"We wouldn't know as we don't know anything about those multiple PCs, what Operating Systems they all run, whether they are linked with remote access, whether they are synced together."

OK. I earned that response.
All PC's are Windows 10 64bit Pro. Spanning several different corporations and domains at different physical locations.
Not synced together.
All are maintained by me, personally. All use AVG/Avast CloudCare and LogMeIn host services.
There is no Kaspersky software on any machine that would require Kaspersky Software Updater.
Most have an install date of 7/24/2017, but there are a few with today's date. 10/2/2017.

No virus or malware activity has been found with this.
Malwarebytes and Spybot both find nothing (pertaining to this).
AVG/Avast finds nothing.

Kaspersky Software Updater lists itself in the Programs and Applications portion of the Windows Control Panel.
It uninstalls easily enough.

Still, it should not be there at all.

 

Yes. I never installed this, yet here it is.

 

OK. I'll guess some other software pulled this in as part of their install. It would not be the first time software did this.

I'm gonna guess Avast did this, as they do have a Software Updater. It may be licensed from Kaspersky.

AVG just rebranded to Avast this last month. Avast and AVG merged or Avast purchased AVG, depending on who is talking.

 

Avast/AVG and Kaspersky are two completely independent businesses. Avast bought a controlling stake in AVG so it is in reality one company now.
It wont be seen as malware by Avast but it probably got on there as 'optional' additions in other software programs. It is easy to miss the pre-checked optional boxes. It needs uninstalling fully (using the Kaspersky Removal Tool) on every single system.
If any of those clients install software on their systems they need firmly reminding about using a 'custom' install and unchecking any options they never asked for.

 

Thanks. That's what I thought.
I am the guy that installs all the software on these systems. I do read the installer preambles.
The clients get scolded for installing anything at all. One site is a County Health Dept. Another is a fertilizer mfg plant.
More so, I have not installed any software on these machines in many months. They are all nicely set up and quietly doing their jobs.
Or so I thought. Time to look more closely.

I'll push out the Removal Tool, and I will find the source of this.

 

The removal tool lists every Kaspersky product except Kaspersky Software Updater.
Not an issue. I'll get them.

 

Well. While searching the Registry for Kaspersky, I found Keys in
HKLM\Software\LogMein\V5\Kaspersky and
HKLM\Software\LogMein\V5\KSU <-- Kaspersky Software Updater. BINGO.

Wait. I seem to remember LogMeIn trying to sell me Kaspersky...

Google provides this:
https://secure.logmein.com/welcome/webhelp/EN/CentralUserGuide/LogMeIn/t_Central_AV_Kaspersky.html

LMI was purchased by the Citrix/Go2Meeting folks a while back.

End result? Looks like LMI provided the Kaspersky Software Updater in anticipation of selling me that endpoint protection.
Me? I'm going home now. Not going to worry about this any more.

I do not believe Kaspersky is the bad guys. They have worked too hard to keep a good reputation.
LMI should warn folks when they install other Corp's software. <-- This did not happen.
The LMI client/host software update is routine and quiet.

Thanks for being here.