Solved It's been ten days since I reported a false positive to Kaspersky [Updated]

[lostpass]

Installed Kaspersky on my old pc. Same false positives.
edit: I sent another report and this time they answered instantly. Now it's time to report the remaining websites for unblocking

''Hello, URL was removed from blocklist. It will be fixed in the next update. Thank you for your help.
Best regards, Vyacheslav, Malware Analyst''

 

[Marko :)]

These aren't blocked because they are malicious; these are blocked because they are piracy. Add the links DL uses to exclusions because I don't think they will unblock those links.

 

[ForgottenSeer 114717]

Best regards, Vyacheslav, Malware Analyst''

In "MyOffice" changed the general director

Vyacheslav Vladimirovich Zakorzhevsky

tadviser.com

 

[Parkinsond]

these are blocked because they are piracy

K has lost its reputation as "the crack-friendly" AV.

 

[Marko :)]

K has lost its reputation as "the crack-friendly" AV.

Funnily enough this website doesn't have anything to do with cracks or software. It's trustworthy site and very well known for providing access to hundreds of sport TV channels for free. The only issue with it are annoying ads, but uBlock Origin gets rid of all of them even in basic setup.

 

[Parkinsond]

Funnily enough this website doesn't have anything to do with cracks or software. It's trustworthy site and very well known for providing access to hundreds of sport TV channels for free. The only issue with it are annoying ads, but uBlock Origin gets rid of all of them even in basic setup.

I have such a long history of false positive detections by K system watcher, but I avoid reference to get around the attacks by K fans; B is much worse by the way.

 

[lostpass]

Funnily enough this website doesn't have anything to do with cracks or software. It's trustworthy site and very well known for providing access to hundreds of sport TV channels for free. The only issue with it are annoying ads, but uBlock Origin gets rid of all of them even in basic setup.

100% and the quality of most channels is very good - 1080p and 50fps.
edit: I don't want to unblock websites because if they get hacked, Kaspersky might miss something.

 

[Trident]

I have such a long history of false positive detections by K system watcher, but I avoid reference to get around the attacks by K fans; B is much worse by the way.

That’s just how behavioural blocking works, it’s either gonna be very heavy (a lot of operations) or it’s gonna produce false positives, if not it won’t be doing much. Or it will monitor only few untrusted processes… That’s it. Pick your flavour.

Protegent is always ready to provide behavioural blocking that probably doesn’t produce FPs…

 

[Parkinsond]

Pick your flavour

I prefer the blue one.

 

[Trident]

I prefer the blue one.

Sophos has a blue logo, when are you installing it? Or you’ve already done it…?

 

[Parkinsond]

Sophos has a blue logo, when are you installing it? Or you’ve already done it…?

Not that one; MD.

 

[SeriousHoax]

The blocked scripts are adware related as the name suggests. These are commonly blocked by AVs like Kaspersky and ESET. Also by Bitdefender and Avast but not as much as the other two. ESET is the most aggressive at blocking adware related scripts. Are you not using an adblocker? Because these are usually blocked by adblockers. In case of Kaspersky, most of the time these are blocked by adblockers before Kaspersky steps in, in case of ESET, usually they kick in before adblockers so browsing pirated streaming sites with ESET can be annoying at times.
Regarding the falsely blocked malicious sites, these things can happen from time to time with any AV product. Kaspersky is usually quick at fixing false positives. There can be delays in weekends.

 

[Marko :)]

100% and the quality of most channels is very good - 1080p and 50fps.
edit: I don't want to unblock websites because if they get hacked, Kaspersky might miss something.

It's extremely rare for websites to get hacked. And even if it happens, no antivirus software will protect you from it.

The only problem with the website are ads which could be malicious. But if you use ad blockers (like we advise everyone), you have nothing to worry about.

 

[Parkinsond]

Are you not using an adblocker? Because these are usually blocked by adblockers

K and Avast block such scripts even with the use of uBlock origin lite; seems uBOL is not blocking all of them or K and Avast intercept them first.

 

[Trident]

K and Avast block such scripts even with the use of uBlock origin lite; seems uBOL is not blocking all of them or K and Avast intercept them first.

Because they intercept the HTTPs traffic long before the adblocker has the chance to step in.

 

[SeriousHoax]

K and Avast block such scripts even with the use of uBlock origin lite; seems uBOL is not blocking all of them or K and Avast intercept them first.

My experience was regarding MV2 extensions. For uBO Lite which is a MV3 fully declarative extension, here from what I understand, uBOL simply tell the browser what to block and what not so things are going through the browser only, not the extension. It's the browser that is blocking thins, not the extension.
In case of MV2 uBO, uBO's filtering engine is accessing and filtering things before passing to the browser. It's uBO who blocks, not the browser.
If this is correct, then this is why I previously saw with MV2 uBO adware scripts getting blocked before Kaspersky's filtering. Now with MV3 it may have changed so you saw Kaspersky blocking adware scripts even with an adblocker.
But as @Trident said, in theory Kaspersky should intercept everything long before (similar to ESET) but in practice, MV2 uBO intercepts things before Kaspersky.

 

[oldschool]

For uBO Lite which is a MV3 fully declarative extension, here from what I understand, uBOL simply tell the browser what to block and what not so things are going through the browser only, not the extension. It's the browser that is blocking thins, not the extension.
In case of MV2 uBO, uBO's filtering engine is accessing and filtering things before passing to the browser. It's uBO who blocks, not the browser.

That is correct.

 

[lostpass]

Yes, I'm using ublock origin and most filters are checked.
Kaspersky unblocked thedaddy(dot)dad and dlhd(dot)click, but still continues to block the embedded TV streams on the website.

 

[Marko :)]

Kaspersky unblocked thedaddy(dot)dad and dlhd(dot)click, but still continues to block the embedded TV streams on the website.

Because DaddyLive embeds streams from various other sites. If one of them is flagged as malicious, Kaspersky blocks entire page. That's my guess.

Replace /stream/ in the URL with /embed/ and see if you can open the site.

 

[lostpass]

Because DaddyLive embeds streams from various other sites. If one of them is flagged as malicious, Kaspersky blocks entire page. That's my guess.

Replace /stream/ in the URL with /embed/ and see if you can open the site.

Keeps blocking it. I reported all 5-6 links to Kaspersky here. Will see