AndrewL
Members-
Posts
23 -
Joined
-
Last visited
Everything posted by AndrewL
-
ERR_HTTP2_PROTOCOL_ERROR on particular sites
AndrewL replied to DR_NOMAD's topic in Kaspersky Internet Security
Is it still not working for you? https://motopress.com loads just fine for me (it didn’t before, when you reported it). -
ERR_HTTP2_PROTOCOL_ERROR on particular sites
AndrewL replied to DR_NOMAD's topic in Kaspersky Internet Security
Now they are. 😅 -
ERR_HTTP2_PROTOCOL_ERROR on particular sites
AndrewL replied to DR_NOMAD's topic in Kaspersky Internet Security
After a quick check I noticed that most of the sites mentioned in this thread are now working (even tiny.pl from above)! 😀 Although there a few which are still inaccesible: https://backpackforlaravel.com https://www.theedgesingapore.com https://www.esjzone.cc -
ERR_HTTP2_PROTOCOL_ERROR on particular sites
AndrewL replied to DR_NOMAD's topic in Kaspersky Internet Security
Right, but: Opera is blocked by Kaspersky on these sites Vivaldi is not blocked by Kaspersky, despite there is an extension (enabling or disabling it doesn’t make a difference)So I am not sure what “not supported” exactly means. -
ERR_HTTP2_PROTOCOL_ERROR on particular sites
AndrewL replied to DR_NOMAD's topic in Kaspersky Internet Security
I don’t think that would work. For example, I downloaded Opera portable and it still has the issue. Only other browsers like Vivaldi never had the problem (somehow not directly supported apparently). -
ERR_HTTP2_PROTOCOL_ERROR on particular sites
AndrewL replied to DR_NOMAD's topic in Kaspersky Internet Security
I understand that, but what if the affected site was google.com, hotmail.com, kaspersky.com? I think this should be treated as if thousands of users cannot access a site, and you can’t go one by one explaining a workaround. Also many first time visitors will just move on when the site displays this errors, unaware of this problem. -
Kaspersky bloquea el sitio criptoya.com
AndrewL replied to AndrewL's topic in Para usuarios particulares
Claro, Kaspersky ciertamente me bloquea cosas en Opera, por eso me extraña que en Opera suceda este problema, y en Vivaldi, aun activando la extensión, no. Evidentemente esto no tiene que ver con la extensión del navegador. Reitero: ya agregué la dirección de confianza y solucioné el problema con esa página hace unos días. Sólo estoy “filosofando” un poco sobre por qué sucede en un navegador y no en otro, o por qué a algunos usuarios sí y a otros no. -
Kaspersky bloquea el sitio criptoya.com
AndrewL replied to AndrewL's topic in Para usuarios particulares
Anti-Banner desactivado, Navegación Privada activada, pero aun desactivándola no cambia nada. Sobre los navegadores, el problema es con Opera (que es también basado en Chromium), y no tengo ninguna extensión de Kaspersky. ¿Esto significa que Kaspersky no actúa si se usan navegadores distintos a algunos en particular? No me queda en claro por qué a algunos les funcionan y a otros no. ¿Todos los sitios mencionados te funcionan? Fíjate en la publicación en inglés que mencioné más arriba, hay mucha gente con el exacto mismo problema. Como indicaron en la segunda página de esa publicación, las páginas funcionan si en Configuración / Configuración de red / Análisis de conexiones cifradas se elige "No analizar las conexiones cifradas", aunque claro, esto no es recomendable. -
Kaspersky bloquea el sitio criptoya.com
AndrewL replied to AndrewL's topic in Para usuarios particulares
Perdón que no aclaré, terminé haciendo lo que sugieren en esa publicación, que es lo de Configuración / Configuración de red / Direcciones de confianza. Las lista de “URL de confianza” de Web Anti-Virus no funcionó. ¿Será que te funciona porque tienes el Total Security en vez del Internet Security? ¿Probaste las direcciones de la otra publicación? Aquí te dejo algunas de las allí mencionadas que a mí tampoco me funcionan: https://mapgenie.io https://leasticoulddo.com https://genshin.honeyhunterworld.com https://covidtracker.fr https://www.folhape.com.br Con Vivaldi todas funcionan, debe de ser por alguna funcionalidad de privacidad del navegador, que impide que Kaspersky intercepte. -
Kaspersky bloquea el sitio criptoya.com
AndrewL replied to AndrewL's topic in Para usuarios particulares
Bueno, acabo de ver que en inglés hay un montón de gente reportando cosas similares, perdón por repetir el problema. Link Lo extraño es que por algún motivo, el navegador Vivaldi en muchos casos los sitios funcionan. -
Kaspersky bloquea el sitio criptoya.com
AndrewL replied to AndrewL's topic in Para usuarios particulares
Tengo Kaspersky Internet Security hace años, y hace algunas semanas comenzó a bloquear este sitio: https://criptoya.com En pantalla aparece el mensaje: No se puede acceder a este sitioEs posible que la página web en https://criptoya.com/ar no funcione temporalmente o se haya trasladado de manera permanente a una nueva dirección web. ERR_HTTP2_PROTOCOL_ERROR Kaspersky no muestra ningún mensaje. Al desactivar el antivirus, el sitio vuelve a funcionar. Lo extraño es que si reactivo Kaspersky, inicialmente el sitio sigue funcionando. Pero luego de unos minutos, el problema vuelve a suceder. Probando módulo por módulo, el que produce esto es el Web Anti-Virus; desactivándolo basta para que el sitio vuelva a funcionar. He intentado agregar la url entre las exclusiones de URL Advisor, como así también a la lista de URLs de confianza, pero no soluciona el problema. Incluso probé desactivando toda la configuración del Web Anti-Virus, pero tampoco. Lo único que funciona es desactivar el módulo completo. En los informes del Web Anti-Virus tampoco dice nada, sólo cada vez que lo inicié y detuve. Esto es en Windows 10 Pro x64 20H2 19042.1237, y utilizando Kaspersky Internet Security 21.3.10.0391 (g). Muchas gracias. -
Por favor, eliminar. Mis disculpas.
-
Since yesterday, Kaspersky is blocking the request my webmail does to refresh the mailbox. It says there could be a data loss, even though it's under https and the certificate is ok. The interface is Roundcube. The blocked url is like this: https://wmail4.sion.com/?_task=mail&_action=list&_refresh=1&_mbox=INBOX&_remote=1&_unlock=loading1556301415877&_=1556298403553 And the response status is "499 Request has been forbidden by antivirus". Under the advanced Web AV configuration, I've added "https://wmail4.sion.com/*", but the problem persists. If I uncheck the heuristic analysis, then the page works again. Can I disable heuristic analysis just for this url? Or can I send something to Kaspersky for analysis so they no longer detect this as risky? Using the Developer Toolbar, I see that the request's response is Kaspersky's page explaining this and with a link to inform a false positive. I clicked it several times but it doesn't fix it. Maybe because it whitelists the entire url, which of course changes every time? Thanks in advance!
-
Oh, I thought the following messages from KLVirusDesk after that message of mine were for the second version. I've uploaded the file to Dropbox. https://www.dropbox.com/s/h4rxfil4zcha5i7/initjs-virus.zip?dl=0 If you don't have an account, you have to click on the "no" at the bottom of the popup, and then on Download / Direct download, on the top right corner.
-
Thanks a lot for all your follow-ups, harlan. I've checked the web site and indeed the init.js file is now just 5k instead of 669kb (as the second version we have seen); all its obscured JavaScript code is gone. Is this blacklisting they mention simply url-based? Because I have downloaded the previous malicious .js file and my updated KIS still does not detect it, even with the deep heuristics settings. It's not that it matters much now, but I was just wondering why it doesn't. Also KSN and Kaspersky Application Advisor say nothing about it. Again, this exact file will probably be never seen again, but the obfuscated code may appear somewhere else in the future.
-
Wow, thank you! I was going to send an email to that web site, as maybe they have been hacked, or some employee added this mining script, but I noticed that the file has been changed. Now it is no longer detected by Kaspersky. In Virus Total only one engine (Antiy-AVL) detects it. Could you confirm the new version is safe, and not simply a more obscure script?
-
Right, but at that moment I thought it may keep alerting me if I chose not to delete it. I'll try that next time. Still, Kaspersky shouldn't ask me to reboot. It happened some time ago the same thing with some other files, and it kept asking me to reboot as it wasn't able to delete them after each reboot, as those files were gone as well. I ended up having to restore them so Kaspersky could -finally- delete them.
-
Whenever I have a suspicious file and Kaspersky detectes a virus in it, if I manually delete the file, Kaspersky insists that I have a problem and that it should delete the file. If I choose "delete", it tries for a while and then asks for a reboot to delete it. I think Kaspersky should be smart enough to realize that the reason the file cannot be deleted is that it is gone already, and not that it's locked or something else. Once this happens, the Kaspersky icon remains red until I reboot, which I find quite bothering. Edit: I just realized I created this as a "question", instead of discussion or idea. Can that be changed when editing the post?
-
While looking for word meanings in this official Spanish site (ps://dle.rae.es), Kaspersky reported a trojan in this file: ps:// dle.rae.es/ js/init. js Not loading this apparently breaks the whole site styling. Kaspersky reports this as "HEUR:Trojan.Script.Miner.gen". However, if I download this file and scan it, nothing is found. I then uploaded it to Virus Total and only 2 out of 57 engines detected a virus. Kaspersky did not either. I just tried increasing the heuristic level to the maximum, and only then Kaspersky detected again this supposed trojan in this downloaded file. Is this a false positive?