kaspersky endpoint protection(KES) 造成chatgpt 無法回應答案

 去年在使用chatgpt時，可登入，但輸入問題後按下enter，都不會有任何回應。

後來把防毒kes關閉後，就正常了，那時因為版本比較舊，升級後就正常了。

但這幾天又發生了，雖然kes有出比較新的版本了，但跟現在的版本差異不太，所以就先問廠商。

廠商判斷應該是被憑證影響了，要把幾個chatgpt相關的網址加到信任網域內，就可以正常chatgpt的回覆就可以正常顯示。

在政策裡面的一般設定-->網路設定-->受信任網域 裡面，把下列幾個網址加進去即可。

chat.openai.com

auth0.openai.com

cdn.openai.com

cdn.auth0.com

tcr9i.chat.openai.com

cdn.oaistatic.com

events.statsigapi.net

Last year, when I used ChatGPT, I was able to log in, but after entering a question and pressing Enter, there was no response.

I later turned off the antivirus software Kes, and it worked normally. At the time, the version was older, so upgrading it fixed the problem.

However, the issue has occurred again in the past few days. Although Kes has a newer version, it is not much different from the current version. So, I contacted the support vendor.

The vendor determined that the issue was caused by a certificate. Adding the following URLs to the trusted domain will allow ChatGPT responses to be displayed normally.

chat.openai.com
auth0.openai.com
cdn.openai.com
cdn.auth0.com
tcr9i.chat.openai.com
cdn.oaistatic.com
events.statsigapi.net

更新KESS到最新版3.2後 無法連線到中控台Server

將KESS升級到最新版後，連同Network Agent也一起更新到14版。

裝好後卻一直無法跟中控台連線，測了一下發現是Network Agent 有啟用，但連不到中控台。

原來是Network Agent 14版不支援比較舊的作業系統了，規格可參考下列的kaspersky官網說明

https://support.kaspersky.com/KSC/14.2/en-US/255797.htm

After upgrading KESS to the latest version, the Network Agent  were also updated to version 14.

After installation, the connection to the central console was not possible. Testing revealed that the Network Agent were running, but could not connect to the central console.

It turned out that Network Agent version 14 no longer supports older operating systems. The specifications can be found in the following Kaspersky website documentation:

https://support.kaspersky.com/KSC/14.2/en-US/255797.htm

安裝Kaspersky 的KESS，出現電腦上遺失SHA-256(SHA-2)數位簽章支援的錯誤訊息。

 

安裝Kaspersky 的KESS防毒軟體時，出現電腦上遺失SHA-256(SHA-2)數位簽章支援的錯誤訊息。

可參 考錯誤訊息下方的說明網站。

主要的解法就是去安裝kb4474419的更新即可。

When installing Kaspersky's KESS antivirus software, an error message may appear indicating that the computer is missing SHA-256 (SHA-2) digital signature support. This is because Kaspersky uses SHA-2 to verify the authenticity of its software and files.

To fix this error, you need to install the kb4474419 update. This update is available from Microsoft's website.

Once you have installed the update, you should be able to install Kaspersky's KESS software without any problems.

HTTPS 網站的SSL 憑證發行者 變成 Kapersky

HTTPS網站的憑證發行者，通常都是顯示該憑證的發行商, 

但在某些網站查看憑證資訊時，發行者會變成Kapersky，在功能上沒影響，但不知為何會如此。

查了一下才發現，如果防毒軟體有啟用HTTPS的掃描檢查，防毒軟體就會安裝自己的憑證，以便檢查HTTPS傳輸。

如果把這個HTTPS加密傳輸的檢查關了，就不會有憑證發行者被換掉的狀況了。

卡巴斯基企業版的端點防護(KES)HTTPS加密傳輸掃描設定，是在一般設定中的網路設定裡，可以做啟用或關閉。

The issuer of an HTTPS website certificate typically displays the certificate's issuing authority. However, in some cases, when viewing the certificate information on certain websites, the issuer appears as "Kaspersky" instead. This does not affect the functionality of the certificate, but the reason behind this change is unclear.

Further investigation revealed that if antivirus software has enabled HTTPS scanning, it installs its own certificate to facilitate the scanning of HTTPS transmissions.

By disabling the inspection of encrypted HTTPS traffic, the situation of the certificate issuer being replaced can be avoided.

The setting for HTTPS encrypted transmission scanning in Kaspersky Endpoint Security (KES), the enterprise edition of Kaspersky, can be found in the general settings under network settings. It provides the option to enable or disable this feature.

Kaspersky Embedded Systems Security 病毒碼更新失敗 Error code: 0x02C2. Subsystem code: 0x4

有兩台裝有Kaspersky Embedded Systems Security3.0的主機病毒碼一直更新失敗，但還有四台都正常。

發信問廠商，回覆是說要做資料庫回溯，但做了也沒用，所以又給了另一個解法，就是升級到3.1。

如果升3.1才有用，那沒道理其他四台用3.0的都沒事啊，所以就覺得廠商的回覆蠻隨便的。

因為是server，也不能隨意重開機，所以就決定把防毒主程式重啟好了。

這版本比較鳥的是，沒有選項讓你直接關閉服務，要去裝kess console，然後裡面才有關閉跟啟用的服務。

重啟後，更新還是失敗，但再一次，就成功了。

原本的錯誤訊息如下

Internal task error occurred. Error code: 0x02C2. Subsystem code: 0x4 (General). For more details go to the Kaspersky Technical Support site: https://click.kaspersky.com/?hl=en-US&link=error&pid=wsee&version=11.0.0.0&error=B4X706X

Kaspersky Embedded Systems Security Virus Database Update Failure Error code: 0x02C2. Subsystem code: 0x4

We encountered issues with two hosts running Kaspersky Embedded Systems Security 3.0, as the virus database updates consistently failed. However, the other four hosts had no problems with the updates.

We reached out to the vendor for assistance, and they suggested performing a database rollback. Unfortunately, this solution did not resolve the issue. They then proposed upgrading to version 3.1 as an alternative resolution.

It seemed odd that only upgrading to 3.1 would solve the problem, considering the other four hosts running 3.0 were functioning fine. We found the vendor's response somewhat casual.

Since these were server systems, we couldn't simply restart them without careful consideration. Instead, we decided to restart the antivirus main service.

One drawback of this version is that it lacks an option to directly disable the service. Instead, we had to install the Kaspersky Endpoint Security for Business console, where we found options to enable and disable services.

After restarting the service, the update initially failed again, but upon a subsequent attempt, it succeeded.

The original error message received was as follows:

"Internal task error occurred. Error code: 0x02C2. Subsystem code: 0x4 (General). For more details, please visit the Kaspersky Technical Support site: https://click.kaspersky.com/?hl=en-US&link=error&pid=wsee&version=11.0.0.0&error=B4X706X"

卡巴斯基安全管理中心資料備份和還原程式 無法備份

 在升級卡巴斯基安全管理中心前，官方文件建議要用內建的資料備份和還原程式(Program Files (x86) Kaspersky Lab Kaspersky Security Center klbackup .exe)先做備份。

但在按下備份時，程式就會直接關閉，無法備份，沒任何訊息。

然後在事件檢視器裡，就找到一個相關的錯誤訊，原因是因為在執行備份時，會需要連上db，但目前登入的帳號是網域帳號，但當初安裝時是用本機帳號，所以會連不上db做備份，這時只要改用原本安裝的帳號來執行就可以備份了。

Before upgrading the Kaspersky Security Center, the official documentation recommends using the built-in data backup and restore program (Program Files (x86) Kaspersky Lab Kaspersky Security Center klbackup.exe) to perform a backup.

However, when pressing the backup button, the program immediately shuts down without any error message, making it impossible to create a backup.

Upon checking the Event Viewer, an error message related to the issue was found. The reason for this error is that during the backup process, a connection to the database (db) is required. However, the current logged-in account is a domain account, while the initial installation was performed using a local account. As a result, the backup process fails to establish a connection to the database. To resolve this issue, it is necessary to execute the backup using the original account used during installation.

卡巴斯基防毒的相關文件

 http://i-services.info/kaspersky/

代理商有個網站上面有相關的教學分享，不錯用。

outlook信件有迴紋針，但信裡看不到附件

 偶爾都會有使用者反應，收到的信件，旁邊有迴紋針，表示信中有附件，但信打開，裡面卻只有內文，沒有任何附件。

後來仔細的查詢，當信件進來後，經過第一層的圾垃郵件過濾系統，信還是完整的，附件也都有。

之後進到Mail Server，信也是正常的，然後Outlook收信時，從Mail Server的log上看到，的確也是整封信傳過去，所以就判斷問題是在本機端產生，不是Mail Server的問題。

防毒軟體在安裝時，有另外在Outlook內插入一個增益集程式，做附件掃描的功能，後來在Outlook裡把這個功能關閉，有問題的信在重寄一次，附件就出現了。

Occasionally, users have reported receiving emails with paper clips indicating the presence of attachments, but upon opening the emails, they find only the body text and no attachments.

Upon further investigation, it was found that when the emails arrive, they pass through the initial spam filtering system intact, with all attachments included.

Subsequently, when the emails reach the Mail Server, they are still in their original state. However, while receiving the emails in Outlook, it was observed from the Mail Server logs that the complete emails were indeed being transmitted. This led to the conclusion that the issue originated on the local machine and was not a problem with the Mail Server.

During the installation of the antivirus software, an add-in was inserted into Outlook to enable attachment scanning. However, after disabling this functionality within Outlook, the problematic emails were resent, and the attachments appeared as expected.

使用指令移除 kaspersky embedded system security

 有一台主機的kaspersky embedded system security會造成某個程式被判斷有風險而中止，加到信任名單跟排除名單還是有問題，所以決定先移掉。

到新增移除程式裡移除時，都會出現fatal error，移除失敗。

使用kavremvr.exe這個工具，但這裡面沒有移除kaspersky embedded system security的選項。

只好請廠商支援，原來有一串指令可以用來移除，可以去註冊檔裡面找。

在UninstallString3 裡面值，就是移除的指令，移除完不會重開機。

但有個缺點，移除過程並無任何視窗提示，只能去事項檢視器去找相關的log來確認。

oCam錄製失敗 WASRecor: pAudioClient -> Initialize failed

 在用ocam要做一些win7電腦畫面的錄影時，會跳出錄製失敗 WASRecor: pAudioClient -> Initialize failed. 的錯誤。

但這電腦前幾天錄都正常，把程式重裝，重開機都沒用。

突然想到，關掉防毒試試，結果就好了，原來是我的防毒認為這程式需要啟用錄音跟畫面錄製，認為是種入侵的行為，就把它的一些功能擋掉，ocam本身只會秀出某些功能無法啟用而造成錄製失敗，以致於一開始就沒先想到是防毒的關係。

OPmanager windows服務監視 清單沒反應

 OPmanager 裡面有一個windows服務監視的功能，可以撈出被監控主機裡的所有服務，監控他們是否是啟動或是停止。

如果點選了"此處"要撈出所有服務的清單時，卻一直沒回應，就有可能是被防毒擋掉了，有的防毒會把這種行為當作是入侵主機的行為，可以把防毒先關掉試試就知了。

kaspersky embedded system security 安裝失敗 -2146762485

 有一台win2008(非r2)的主機在裝kaspersky embedded system security的防毒時，都會失敗，錯誤代碼就是 -2146762485，完全看不出哪裡有問題。

但在系統的事件檢視器裡，每次安裝時都會出視一個CAPI2的錯誤，好像是要去微軟那下載某個東西來裝。

因為這台主機無法對外上網，所以就去別台電腦連結這個網址，下載到一個憑證檔，然後把這個憑證檔在無法裝防毒的電腦上直接安裝匯入後，防毒就安裝成功了。

卡巴防毒連不到卡巴伺服器

有一台主機卡巴裝好後，一直連不上卡巴的主控伺服器，其他台都沒這個狀況。

程式都有正常安裝，代理程式也有啟動，連線伺服器的位置也沒錯，也ping的通。

但telnet13000跟14000兩個port卻不會通，蠻奇怪的，即然防毒沒啟動，為啥會這樣咧。

原來是這台主機有裝ISA 當proxy server，有做一些連線過濾，只要在ISA上把連到卡巴的主控伺服器做開放就可以正常連線了。

偵測到電腦內有 360 antivirus software 所以無法安裝卡巴防毒軟體

 在安裝卡巴的防毒軟體時，跳出"設定無法執行，因為電腦上已安裝了協力商應用程式 360 antivirus software"

但電腦上檢查過沒裝這個軟體，然後360又沒有出移除工具可以把電腦裡一些沒清乾淨的檔案移除。

這時後就要自己手動去清機碼了，在下例的機碼路徑是否有360字樣的相關資料夾，全部刪除後就可以裝了。

HKEY_CURRENT_USER\SOFTWARE\

HKEY_LOCAL_MACHINE\SOFTWARE

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node