lightof7ustice

Thank you

Thank you for the reply. And how to check if the Kaspersky program is damaged and fix it if I may ask?

Yes. It's AVG in passive mode with 0 modules installed, like below. I thought it to be compatible as the passive mode claims "allows you to use avg alongside another antivirus"

Regards. I used a scanner to do a full scan and forgot to add K.'s folders to the exclusion at the first time. A file in this folder, namely C:\ProgramData\Kaspersky Lab\AVP21.17\Bases\Cache\sw2.2df75168301c74eb.kmc|>file_3 was detected by the scanner and may be deleted. What is this file and this folder? Do I have to reinstall K. to repair it? And btw, one more general question. How to tell if the program is damaged and how to fix it normally? I see there is no (kinda old school though) Repair option in the Control Panel-Program-Programs and Features section for K. or say in its installer. Thanks.

Are you using both Kaspersky and Norton on the same OS?

I wonder what functionalities are disabled if not activated? Since Kaspersky probably knows this issue and would change the registration in the future, maybe it's totally fine (IMO) to keep it inactivated until the registration form is moved to Kaspersky website.

Thank you for the help @harlan4096 & @Flood and Flood's wife, Well, I must say it's very strange that after I clear not only Adobe but the whole cache/cookie/history, it's still not blocked. But anyway, I'm still very grateful for the assistance of both of you. Maybe it's due to other programs like Adguard or the DNS. As long as it's not a big problem for the firewall itself or other functions, I guess I can stop trying for now. Shall I report this bug to the developers, and how if possible?

I change to www.adobe.com. The outcome is as followed: The block history is logged in the Reports-Firewall now, which is different from the previous time (I suppose the Packet rule probably only records the exact URL matching the rule, just my guess though). But I can still visit the website www.adobe.com, maybe it's designed like this?

Yes. If I understand correctly, that refers to this? (For the Block URL rule)

Thank you for the answer. I tried both "*.adobe.com" and "adobe.com", but the rule is not working, I can still visit adobe.com, the same after reboot. Did I do something wrong?

Thank you @harlan4096 for the reply, May I ask one more question about the hosts approach？ So basically, If I use 127.0.0.1 acrobat.adobe.com it could block the files but it also blocks the official website for Acrobat. If I use 127.0.0.1 acrobat.adobe.com/* 127.0.0.1 acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf 0.0.0.0 https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf 127.0.0.1 acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo/verb-compress-pdf/demo-compressed-high.pdf 0.0.0.0 https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo/verb-compress-pdf/demo-compressed-high.pdf it's not blocking anything. Is it possible to block the 2 files or download attempts but not Acrobat official website?

Hi all. I don't know why, but recently Adobe Acrobat Reader (probably, according to the file and link) has been trying to download 2 demo PDFs from its website through the links below. Since I have Internet Download Manager, the links always toggle the IDM, then it pops out the download task window. This happens almost once every day, so quite annoying. Is there a way to block those links for all the programs with Kaspersky's firewall or Intrusion prevention, so that Acrobat will not try to download those files and IDM will not jump out to help with that? I tried to use the Packet rules of the firewall but it was not quite intuitive. P.S. I thought Acrobat was not supposed to behave like this. The links: https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo/verb-compress-pdf/demo-compressed-high.pdf

参见反病毒数据库更新 (kaspersky.com.cn) 与

Great, many thanks to both of you😄

Thank you for the reply @Flood and Flood's wife, please find the address attached. It's kasperskyeu rather than straight kaspersky, which confuses me a bit.

Hi, sorry to bother. Just for clarification, does e.g. noreply@@kasperskyeu.com officially belong to Kaspersky? I found email in the junk email folder. Kind Regards

Hi, I was about to update. Yeah, I uploaded it to KOTIP again and ran a dynamic analysis just now. This time it's clean. Can't find the detection on 24th April. But from the reports I got from other sandboxes stating it was malicious, and I ran it on my virtual machine, I was considering it suspicious. I'm not sure if it's OK to post technical support ticket ID here, but this one is in one of the tickets I'd like to follow up.

Hello, I submitted 2 tickets for missed malware at Consumer Support. No further updates after I was asked to provide samples in the attachment and I did so. Is it possible to follow up after that? Apart from that, one potential malware I submitted on KOTIP (opentip) is detected as Trojan, but still labeled as Not categorized, is there any reason for that outcome? I was thinking since it's detected already, it can be categorized as so. Thanks in advance.

Thanks for your reply. I will follow that next time update.

Hi @Vasily Burov, Sorry to bother but I had the same problem. I was connecting from Spain so there shouldn't be a censorship problem. I tried directly connecting, connecting with Kaspersky VPN and Adguard VPN, but none of them works for access to the aforementioned site.

I recently manually updated from KIS 21.3 to Kaspersky Premium 21.16 with an overwrite installation. I saw from some fan forums saying it's recommended to first uninstall and then install rather than overwrite as the latter leaves registry residuals and services. So I checked in my registry, and I found the registry residuals are mainly in the key HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services, for example in the screenshot. Given this key, just out of some sort of minor neat freak, is it safe to delete the values for the 21.3 version? Besides, I didn't see values for 21.16 in this key, is it abandoned and replaced by other functions in newer versions? Last thing, is it true that "first uninstall then install" is better than "overwrite installation"?