Jump to content

Dangerous URL attack blocking.


Go to solution Solved by Berny,

Recommended Posts

Posted
Hello, the cloud antivirus detects a dangerous url. The curious thing is that it detects it even without being navigating or in the pc. I don't know what's going on. Attached is the antivirus report. If someone can help me solve this problem I would be very grateful. Best regards. hxxps://openphish.com/feed.txt?_=6 Object: hxxps://openphish.com/feed.txt?_=6 Reason: Heuristic Analysis Application: Opera Internet Browser
Flood and Flood's wife
Posted
Hello Nuit, Welcome! Please tell us:
  1. Operating system, version, release, build?
  2. (all ) installed Kaspersky software, version, patch?
  3. Opera browser?
  4. May we have a screen image of (from Kaspersky application) of the "dangerous" detection please?
Have you performed a full reset of Opera? Thanks!
Posted
Hello Nuit, Welcome! Please tell us: Operating system, version, release, build? (all ) installed Kaspersky software, version, patch? May we have a screen image of (from Kaspersky application) of the "dangerous" detection please? Thanks!
Hello, thank you very much for your reply. I enclose the requested data. Operating system, version, release, build? (all ) installed Kaspersky software, version, patch? Kaspersky Securtity Cloud Free 19.0.0.1088(f)
Posted
The curious thing is that it detects it even without being navigating or in the pc.
Also and in addition to the above Post from FLOOD, please check this pinned Topic : https://community.kaspersky.com/kaspersky-internet-security-13/notification-of-detection-file-or-website-detected-1313 If no fix please contact K-Lab Tech Support https://center.kaspersky.com
Hi, thank you very much. I think it's a false positive. Could you check it out? Thank you very much in advance. Best regards. https://www.virustotal.com/gui/url/18f60cf4abe4fffa56a3b904494e2eb8d4d3a9135268ead69c30e54b2f7d9cb1/detection
  • Solution
Posted
This Forum can't resolve a FP issue , as mentioned above please contact Tech Support.
Flood and Flood's wife
Posted
I enclose the requested data.
Operating system, version, release, build? W10, 1903, 18362.207 Kaspersky Securtity Cloud Free 19.0.0.1088(f)
Hello Nuit, Thank you for the data.and the images, as well as the info from Berny & Richbuff, the 2 objects - (green in my image), from the report you've provided, both pass checking by 70 antivirus scanners and URL/domain blacklisting services. If, AFTER, performing all the requested procedures, including the full reset of the Opera browser, and rechecking the issue please post back. The Lab Technical Support Team will not be available, unfortuately, as the Kaspersky software is the free version. However, if you use tool available @ https://virusdesk.kaspersky.com - REPORT a false detection - send both links for analysis to the Antivirus Lab Please do let us know how you go? Many thanks.
Posted
I enclose the requested data.
Operating system, version, release, build? W10, 1903, 18362.207 Kaspersky Securtity Cloud Free 19.0.0.1088(f)
Hello Nuit, Thank you for the data.and the images, as well as the info from Berny & Richbuff, the 2 objects - (green in my image), from the report you've provided, both pass checking by 70 antivirus scanners and URL/domain blacklisting services. If, AFTER, performing all the requested procedures, including the full reset of the Opera browser, and rechecking the issue please post back. The Lab Technical Support Team will not be available, unfortuately, as the Kaspersky software is the free version. Please do let us know how you go? Many thanks.
Hello, I marked the issue as solved thinking that the ticket was also for the free version.... It's clearly a false positive from Kaspersky. So I'm not going to give it much importance. It's probably from some update of ublock lists for dangerous domains. Thank you very much. Best regards.
Flood and Flood's wife
Posted
Hello Nuit, I agree with you, (imo) the detections are FPs, by submitting them @ https://virusdesk.kaspersky.com - REPORT a false detection, the experts do fix false positives, if the information is provided to them via the virusdesk page. Best regards.
Posted
Hello Nuit, I agree with you, (imo) the detections are FPs, by submitting them @ https://virusdesk.kaspersky.com - REPORT a false detection, the experts do fix false positives, if the information is provided to them via the virusdesk page. Best regards.
Hello, when I try to report the url I get the following error "An error occurred during send. Please try again later." Additionally as curious data the domain "OpenPhish" is in virustotal... If you can't report a false positive by this means or by support, because there are no free versions, I have no choice but not to give it any importance... I hope someday the users of the free versions will have some kind of support even if it is minimal. Thank you and regards. https://www.virustotal.com/gui/url/18f60cf4abe4fffa56a3b904494e2eb8d4d3a9135268ead69c30e54b2f7d9cb1/detection https://www.virustotal.com/gui/url/6f1b925e59929f4bc0947700b901575ffb21aeecbe3802134580ae7da9d4bba3/detection https://www.virustotal.com/gui/url/81989eca3d88e11aa41717b038e2a722a43329357a3c4002a9cb330a0d7fc405/detection
Posted
Confirmed detection of that url is given when updating the uBlock Origin lists. Regards.
Flood and Flood's wife
Posted
"when I try to report the url I get the following error "An error occurred during send. Please try again later."
Hello Nuit,
  1. The "an error occurred during send" error is NOT due to the Kaspersky Free software.
  2. Did you try using other browsers?
  1. & yes, I know OpenPhish is in VT, that's why it's important to submit the files/urls for analysis.
  1. If you can't report a false positive by VT - you can.
  1. (yesterday) I submitted hxxp://openphish.com/feed.txt?_=6 - (as an unlicenced user) Kaspersky software is no longer detecting.
  1. I didn't submit phishing.army - Kaspersky is still detecting.
Best regards
Posted
Hi, I finally had to uninstall it given the many false positive problems with my custom uBlock list. Thank you. Regards.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...