Posts posted by lightof7ustice

  1. Regards.

    I used a scanner to do a full scan and forgot to add K.'s folders to the exclusions the first time. A file in this folder, namely

    C:\ProgramData\Kaspersky Lab\AVP21.17\Bases\Cache\sw2.2df75168301c74eb.kmc|>file_3

    was detected by the scanner and may be deleted. 

    What is this file and this folder? Do I have to reinstall K. to repair it?

    And btw, one more general question. How to tell if the program is damaged and how to fix it normally? I see there is no (kinda old school though) Repair option in the Control Panel-Program-Programs and Features section for K. or say in its installer.

    Thanks.

  2. I wonder what functionalities are disabled if not activated? Since Kaspersky probably knows this issue and would change the registration in the future, maybe it's totally fine (IMO) to keep it inactivated until the registration form is moved to Kaspersky website.

     

  3. Thank you for the help @harlan4096 & @Flood and Flood's wife,

    Well, I must say it's very strange that after I clear not only Adobe but the whole cache/cookie/history, it's still not blocked. 

    But anyway, I'm still very grateful for the assistance of both of you. Maybe it's due to other programs like Adguard or the DNS. As long as it's not a big problem for the firewall itself or other functions, I guess I can stop trying for now.

    Shall I report this bug to the developers, and how if possible?

  4. 17 minutes ago, harlan4096 said:

    My rule:

    [screenshot]

    And my results:

    [screenshot]

    I changed to www.adobe.com. The outcome is as follows:

    The block history is logged in the Reports-Firewall now, which is different from the previous time (I suppose the Packet rule probably only records the exact URL matching the rule, just my guess though). But I can still visit the website www.adobe.com, maybe it's designed like this?

  5. 6 hours ago, harlan4096 said:

    Try removing the 1st line:

     

    127.0.0.1 acrobat.adobe.com

     

    Also, You may add a packet rule in Kaspersky FireWall:

     

    [screenshot]

     

    Here "harswaretimes.in" is the URL example... but not sure if it can block only specific levels of a domain, as You are requesting, in Your case: adobe.com, just try...

    Thank you for the answer.

    I tried both "*.adobe.com" and "adobe.com", but the rule is not working, I can still visit adobe.com, the same after reboot. Did I do something wrong?

  6. Thank you @harlan4096 for the reply,

    May I ask one more question about the hosts approach?

    So basically,

    If I use

    127.0.0.1 acrobat.adobe.com

    it could block the files but it also blocks the official website for Acrobat.

    If I use

    127.0.0.1 acrobat.adobe.com/*
    127.0.0.1 acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf
    0.0.0.0 https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf
    127.0.0.1 acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo/verb-compress-pdf/demo-compressed-high.pdf
    0.0.0.0 https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo/verb-compress-pdf/demo-compressed-high.pdf

    it's not blocking anything.

    Is it possible to block the 2 files or download attempts but not Acrobat official website?
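
The difference between the two hosts attempts in the post above, as an added example that is not part of the original thread: a hosts entry maps a bare hostname to an address, so a name field carrying a URL scheme, a path or a wildcard never matches a lookup, while a bare hostname redirects the whole host. The checker and its status names are constructed for illustration; the sample lines are copied from the post.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

# Sample input: entries quoted in the post above.
SAMPLE_HOSTS = """\
127.0.0.1 acrobat.adobe.com
127.0.0.1 acrobat.adobe.com/*
127.0.0.1 acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf
0.0.0.0 https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf
"""

def is_hostname(name):
    labels = name.rstrip(".").split(".")
    return len(name) <= 253 and all(_LABEL.match(l) for l in labels)

def check_line(line):
    """Return (status, detail) for one hosts-file line."""
    body = line.split("#", 1)[0].strip()   # drop trailing comment
    if not body:
        return ("skip", "blank or comment")
    fields = body.split()
    if len(fields) < 2:
        return ("invalid", "needs an address and at least one name")
    try:
        ipaddress.ip_address(fields[0])
    except ValueError:
        return ("invalid", f"not an IP address: {fields[0]}")
    for name in fields[1:]:
        if "://" in name:
            return ("no-effect", f"URL scheme in name: {name}")
        if "/" in name:
            return ("no-effect", f"URL path in name: {name}")
        if "*" in name:
            return ("no-effect", f"wildcards are not supported: {name}")
        if not is_hostname(name):
            return ("invalid", f"not a hostname: {name}")
    return ("ok", f"{', '.join(fields[1:])} -> {fields[0]} (whole host, every path)")

def audit(text):
    return [check_line(l) for l in text.splitlines()]

if __name__ == "__main__":
    for line, (status, detail) in zip(SAMPLE_HOSTS.splitlines(), audit(SAMPLE_HOSTS)):
        print(f"{status:9} {line}\n          {detail}")
```
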

  7. Hi all.

    I don't know why, but recently Adobe Acrobat Reader (probably, according to the file and link) has been trying to download 2 demo PDFs from its website through the links below. Since I have Internet Download Manager, the links always toggle the IDM, then it pops out the download task window. This happens almost once every day, so quite annoying. Is there a way to block those links for all the programs with Kaspersky's firewall or Intrusion prevention, so that Acrobat will not try to download those files and IDM will not jump out to help with that? I tried to use the Packet rules of the firewall but it was not quite intuitive.

    P.S. I thought Acrobat was not supposed to behave like this.

    The links:

    https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf
    https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo/verb-compress-pdf/demo-compressed-high.pdf


     

  8. 6 minutes ago, Berny said:

    @lightof7ustice

    You are talking about “potential malware”, did you obtain the verdict from KOTIP?

    Hi, I was about to update. Yeah, I uploaded it to KOTIP again and ran a dynamic analysis just now. This time it's clean. Can't find the detection on 24th April.

    But from the reports I got from other sandboxes stating it was malicious, and I ran it on my virtual machine, I was considering it suspicious. I'm not sure if it's OK to post technical support ticket ID here, but this one is in one of the tickets I'd like to follow up.


  9. Hello,

    I submitted 2 tickets for missed malware at Consumer Support. No further updates after I was asked to provide samples in the attachment and I did so. Is it possible to follow up after that?

    Apart from that, one potential malware I submitted on KOTIP (opentip) is detected as Trojan, but still labeled as Not categorized, is there any reason for that outcome? I was thinking since it's detected already, it can be categorized as so.

    Thanks in advance.


  10. I recently manually updated from KIS 21.3 to Kaspersky Premium 21.16 with an overwrite installation. I saw some fan forums saying it's recommended to first uninstall and then install rather than overwrite, as the latter leaves registry residuals and services. So I checked in my registry, and I found the registry residuals are mainly in the key HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services, for example in the screenshot.

    [screenshot]

    Given this key, just out of some sort of minor neat freak, is it safe to delete the values for the 21.3 version? Besides, I didn't see values for 21.16 in this key, is it abandoned and replaced by other functions in newer versions?

    Last thing, is it true that "first uninstall then install" is better than "overwrite installation"? 
