Kaspersky
Solved

KSC Free shows warning, with Brave browser and swisscows search engine, "Access denied, Malicious website"


 

Hi,

I have Kaspersky Security Cloud free version 21.2.16.590 (b) and Brave browser. In Brave browser I use Swisscows.com, it is Swiss well respected privacy search engine. Almost every time when I search something I get this pop up from Kaspersky:

 

and when I click on it I get this: 

Swisscows should be trusted site, why is this happening? On other pages it works fine, no pop ups.

icon

Best answer by Flood and Flood's wife 5 March 2021, 12:52

So Swisscows is the problem, I must wait for them to fix it? Until then better to use some other google alternative? I will also try to get in touch with them to explain them situation.

What did you mean by that picture from Kaspersky virus experts: “You are required to please, remove the link”

Hello @Beacon_of_hope

(ioo) do not use swisscows until they’ve fixed the issue.

The Kaspersky person who wrote “You are required to please, remove the link”, made a small mistake; it should say, “to fix the problem, they are required to please remove the link”, then the actual link as it is in the email we received.

Thank you:pray_tone3:

Flood:whale: +:whale2:

View original

11 replies

Userlevel 7
Badge +9

Hello @Beacon_of_hope,

Welcome!

  1. Brave is not listed as a supported browser.
  2. In the last 2 weeks there’s been at least 4 other cases with the gdprvalidate.de detection - see topics at the end of our reply
  3. We’ve replicated the issue. 
  4. We tested in Chrome, Edge & Brave (even tho it’s not supported), with all extensions & addons disabled. 
  5. We’ve submitted a case & will update (your topic) when the Kaspersky Technical Team respond

 

 

 

 

 

 

The gdpr... domain appears to belong to an adware, some of which is referred to as CacheFlow.

It nests as a browser add-on, manipulates search results and probably also runs clicks on advertisements in the background.

As a first measure, all add-ons should be checked.
Especially suspicious is everything that has to do with Instagram down or upload, other video downloaders are also used as camouflage.

Please disable all add-ons in the browser, then restart the browser. 

Thank you:pray_tone3:

Flood:whale: +:whale2:

Additional topics: 

Avvisi continui collegamento malevolo

Access Denied Malicious website-xf.gdprvalidate.de in Edge

Access Denied Malicious website-xf.gdprvalidate.de in Firefox Windows 10

Ok, thank you very much, good to know you are aware of problem:smiley:  In Brave browser I have add-on Emsisoft browser security (tryed disabling, problem remains ), I know that Kaspersky doesn’t fully support Brave so I use that add-on as additional protection. I also replicated problem in Firefox (didn’t install there Emsisoft add-on), but judging with link you provided you already know that.

Waiting for Kaspersky Technical Team response :slight_smile:

 

 

Userlevel 7
Badge +5

Hello,

This URL is associated with a malicious browser extension.

Userlevel 7
Badge +8

Also, it seems the system probably has some kind of PUP/PUA/Adware which triggering those malicious URL accesses…

 

I would run a tool such as AdwCleaner to check...

Userlevel 7
Badge +9

Waiting for Kaspersky Technical Team response :slight_smile:

Hello @Beacon_of_hope
You’re very welcome:relaxed: !

SC is a search engine (offered as Google alternative), however, see reply from Kaspersky virus experts: 

 

 

SC have not responded to our communications alerting them to the issue. 

Thank you:pray_tone3:

Flood:whale: +:whale2:

Userlevel 7
Badge +9

Also, it seems the system probably has some kind of PUP/PUA/Adware which triggering those malicious URL accesses… I would run a tool such as AdwCleaner to check...

Hello @harlan4096

Thanks for the advice, our systems are clean, the (test) detections are as a result of the embedded links used by SC.  

 

 

Thank you:pray_tone3:

Flood:whale: +:whale2:

Hello,

This URL is associated with a malicious browser extension.

Also, it seems the system probably has some kind of PUP/PUA/Adware which triggering those malicious URL accesses…

 

I would run a tool such as AdwCleaner to check...

I scanned my system with KC free and I have passive free scanners Malwarebytes and SuperAntiSpyware, everything is clean. If Kaspersky team is able to replicate the problem then I am sure that it is not my PC.

 

Thanks for the advice, our systems are clean, the (test) detections are as a result of the embedded links used by SC.  

Thank you:pray_tone3:

Flood:whale: +:whale2:

So Swisscows is the problem, I must wait for them to fix it? Until than better to use some other google alternative? I will also try to get in touch with them to explain them situation.

What did you mean by that picture from Kaspersky virus experts:

“You are required to please, remove the link”

 

Userlevel 7
Badge +9

So Swisscows is the problem, I must wait for them to fix it? Until then better to use some other google alternative? I will also try to get in touch with them to explain them situation.

What did you mean by that picture from Kaspersky virus experts: “You are required to please, remove the link”

Hello @Beacon_of_hope

(ioo) do not use swisscows until they’ve fixed the issue.

The Kaspersky person who wrote “You are required to please, remove the link”, made a small mistake; it should say, “to fix the problem, they are required to please remove the link”, then the actual link as it is in the email we received.

Thank you:pray_tone3:

Flood:whale: +:whale2:

Ok, if they don’t fix it soon I will use some other search engine. Thanks for answer :sunglasses:

 

I think they fixed it, I tried today to search in Swisscows more than 15 times in Brave and 10 in Firefox and I didn’t get this message. I will still test it but I am 95% sure it is fixed:grin:

Userlevel 7
Badge +9

I think they fixed it!

Hello @Beacon_of_hope

Yes indeed, it is fixed, Kaspersky finally removed *logo.gdprvalidate.de* from their blocklists

 

 

Thank you:pray_tone3:

Flood:whale: +:whale2:

Reply