Overview

This error message means that KSWS KSN-Client was unable to reach KSN Cloud servers (in most cases if KSN Proxy is used). Possible causes of the issue: Various transport-level issues KSC Server has been moved to another host with new DNS-name and IP-address Troubleshooting steps: Check that KSC is accessible via both its IP address and its hostname Check that option "Bypass proxy for local addresses" is enabled (KSC server properties > Advanced > Configure Internet access) Check that option "Use UDP port 15111" is disabled: 3.1 Administration server properties -> KSN Proxy -> KSN Proxy settings 3.2 Network Agent policy properties -> Distribution points -> KSN Proxy Check that KSC server could successfully establish connection to KSN KSN Proxy server statistics is updated Check that in KES policy option "Use KSN servers when KSN Proxy is not available" is disabled. And KES is able to successfully establish connection with KSN and KSN statistic is populated correctly. Otherwise, KES might establish a direct connection to KSN, bypassing KSN Proxy. Check that port 443, 13111 TCP used by KSN proxy are available on proxy or company's firewall. For more information about ports which KSC uses please use KB article. Check that Port Control or Detect Protocol features are disabled on the corporate proxy servers, firewalls. Non-SSL traffic should be allowed on 443 port. If you use Squid, upgrade to the latest version. We have a confirmation that older versions of Squid have some issues, which might lead to this problem. On KSC open Advanced -> Remote installation -> right click on 'Installation packages' node -> Properties. Make sure that correct server address is specified. In the address is incorrect then specify the right one -> recreate Nagent package -> reinstall Nagent on client hosts using the new package.

These logs are needed only in specific cases, to save time and effort do not collect these logs unless explicitly requested. Behavior Stream Signatures or BSS is a major part of System Watcher. Sometimes its logs are required to diagnose the issue. Step-by-step guide BSS log collecting is started via bases, so when you activate logging via the avp.com command, it will return an error. This is expected, since the product itself does not actually recognize the command, that is targeted for the bases. Run <path_to_kes_folder>\avp.com trace on /bss Ensure that BSS logs and KES traces are being generated in the %Programdata%\Kaspersky Lab\ folder(%ProgramData%\Kaspersky Lab\KES\Traces for KES 11.5). BSS trace will have .bsse$ extention. Reproduce the issue, specify the timestamps when the issue had reproduced (HH:MM:SS format is mandatory) Run <path_to_kes_folder>\avp.com trace off /bss BSS log will have now .bsse extention. Provide KES tracing, BSS logs and all other files requested.

Advice and Solutions (Community Knowledgebase) Disclaimer. Read before using materials. In case you want to skip automatic uninstallation of a specific software, but do not want to disable incompatible software check completely, you may edit cleaner.cab. Step-by-step guide Download full KES distributive Start it and make sure all files were unpacked Navigate to the directory you unpacked kes_win.msi to Find cleaner.cab in case of KES11.9 and older versions. Find cleaner_v2.cab in case of KES 11.10 and more recent versions Unpack the contents to the temporary directory c:\temp\cleaner_v2 or c:\temp\cleaner Search for a 3d party product (for example, Bitdefender) to be removed from KES install package by running this command: findstr /C:"Bitdefender Endpoint Security Tools" C:\temp\cleaner_v2\*.ini It will display the exact name of ini file destined to remove Bitdefender Endpoint Security Tools: C:\temp\cleaner_v2\2dd68715-037d-4c3d-bb5e-e07f07bcb357.ini:name=Bitdefender Endpoint Security Tools 6 x64 Open the the contents of 2dd68715-037d-4c3d-bb5e-e07f07bcb357.ini for more details about 3d party product in question. If everything is ok, delete the ini file Find cleanapi.ini Find and remove all lines related to the products you removed on step 8 (several 3d party products can be removed): [bitdefender_endp_sec_tools_6_2_15_x64] file=2dd68715-037d-4c3d-bb5e-e07f07bcb357.ini Antivirus=1 Product=KES 11. Pack all the remaining files to cleaner.cab in case of KES 11.9 and older, cleaner_v2.cab in case of KES 11.10 and more recent version You may now use this custom file instead of the standard one. Place it near setup.exe or *.kud\*.kpd and re-create a new package in KSC console. Packing files back to *.cab file may be difficult if you do not have specific software. Below you can find two scripts: one for command prompt, one for powershell. Command prompt Run command prompt script from the directory with *.ini files. In case of KES11.10 and more recent: @echo off dir /s /b /a-d >files.txt makecab /d "CabinetName1=cleaner_v2.cab" /d "MaxDiskSize=0" /f files.txt del /q /f files.txt, setup.inf, setup.rpt In case of KES 11.9 and older: @echo off dir /s /b /a-d >files.txt makecab /d "CabinetName1=cleaner.cab" /d "MaxDiskSize=0" /f files.txt del /q /f files.txt, setup.inf, setup.rpt Please be advised that cab file will be saved to the disk1 subfolder inside the folder with ini files. Powershell Powershell script syntax is: compress-directory "PATH_TO_INI" function compress-directory([string]$dir) { $ddf = ".OPTION EXPLICIT .Set CabinetNameTemplate=cleaner.cab .Set DiskDirectory1=. .Set CompressionType=MSZIP .Set Cabinet=on .Set Compress=on .Set CabinetFileCountThreshold=0 .Set FolderFileCountThreshold=0 .Set FolderSizeThreshold=0 .Set MaxCabinetSize=0 .Set MaxDiskFileCount=0 .Set MaxDiskSize=0 " $dirfullname = (get-item $dir).fullname $ddfpath = ($env:TEMP+"\temp.ddf") $ddf += (ls -recurse $dir | ? {!$_.psiscontainer}|select -expand fullname|%{'"'+$_+'" "'+$_.SubString($dirfullname.length+1)+'"'}) -join "`r`n" $ddf $ddf | Out-File -encoding UTF8 $ddfpath makecab /F $ddfpath rm $ddfpath rm setup.inf rm setup.rpt }

Advice and Solutions (Community Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows) Description FDE precheck is a utility used for advanced Full Disk Encryption compatibility testing. It contains latest drivers which will be implemented in future KES releases. FDE precheck also collects diagnostic data used to fix compatibility issues. Inability to use laptop keyboard and\or touch-pad is one of the most frequently met issues. Using FDE precheck you can understand if compatibility issue was already fixed and will be included in next release or it should be addressed. You can download latest FDE precheck utility using following links: For KES 12+ - https://support.kaspersky.com/14328 System requirements Single operating system should be installed on the test machine, FDE Precheck can't properly function on a host with multiple operating systems. Use administrative account to run the utility. Read before proceeding Decrypt the test host and remove Kaspersky Endpoint Security and AES module. Do a backup of the critical data on the test machine. Follow the test sequence exactly as stated below. Do not manually stop the execution of the utility. The system will automatically restart several times, it is an expected behavior. Plug in laptop. Do not run test on battery. Failure to comply with steps above may lead to unpredictable consequences. Test sequence Make sure machine decrypted does not have KES or AES module installed not running any KL drivers has no critical data plugged in Reboot. Copy and unpack fde_precheck.zip archive. Run elevated fde_precheck.exe (either by right-clicking and choosing Run as administrator or by starting it from an elevated command prompt). If the program will not find any incompatibilities the following message box will appear: Press Yes, to initiate installation of the encryption drivers and initiation of the test. Wait for the automatic reboot, then login using the administrative user as was done earlier. Press OK on the pop-up that will appear shortly after the reboot: Press Yes in the UAC window if it will appear shortly after. Wait for several minutes (up to 10-15 minutes) until next automatic reboot will occur. Do not initiate reboot manually! It will be done automatically. Manual reboot at this stage may result in corruption of the OS. All preparations are run in background, it is normal that there will be no indication of activity on the desktop. After automatic reboot you will see the preboot agent, and it will require human presence to complete those tests. If possible, record the whole process on a camera of smartphone. You will be asked to enter random keystrokes using the keyboard and mouse. In case of successful keystroke registration you will see something like that: Just follow the instructions that will appear on the screen and press "NEXT >" when done with each test. In case FDE Precheck Preboot agent will fail booting or will freeze at some point, please take photo of the error message, or record the whole process on a camera and reboot the machine if necessary. OS will boot either way. Login using the administrative account that was used earlier. At this point drivers will be removed in the background and host will be rebooted one last time automatically. Wait for several minutes (up to 10-15 minutes) until next automatic reboot will occur. Do not initiate reboot manually! It will be done automatically. Manual reboot at this stage may result in corruption of the OS. All preparations are run in background, it is normal that there will be no indication of activity on desktop. The following three files are always created. All three files are mandatory to provide for analysis. fde_precheck_report.txt fde_precheck.log (will be located in the folder with fde_precheck.exe) Description of what have happened during tests (with screenshots and video if possible).

The materials provided on the Advice and Solutions (Community Knowledgebase) part of the Forum result from the work of the Kaspersky Customer Support team and Forum community members. They are shared here for ease of use of Kaspersky products, deploying and configuring them. Please remember that using commands or recommendations from the articles without a clear understanding of their purpose may result in errors or system inoperability. Please note that some materials presented are not official, so technical support may decline to support a specific unsupported configuration in some instances. Please also ensure to use the official documentation, found in this link.