How to disable Kaspersky Antivirus javascript injection?

windows-7 anti-virus kaspersky

There is a setting to disable script injection in the newest Kaspersky version (>16.0.1):

Settings -> Additional -> Network -> Inject scripts into web traffic to interact with web pages.


I found a solution that worked for me:

Kaspersky application

Settings Page

select "Additional" section on left side

select "Network" settings

Monitored Ports

[ ] Monitor all network ports

[X] Monitor selected ports only Select...

Click the Select... link

  • Remove: HTTPS on port 443
  • Remove: HTTP on port 80
  • Remove: any/all other HTTP if you use those frequently
  • Bottom of the list, UNCHECK "Monitor all network ports..."

Close the Network Ports window

Close the settings window

Restart your browsers...


you can add these to C:\Windows\System32\drivers\etc\hosts

0.0.0.0    gc.kis.scr.kaspersky-labs.com    # Kaspersky anti-injection for Google Chrome
0.0.0.0    ff.kis.scr.kaspersky-labs.com    # Kaspersky anti-injection for Mozilla Firefox
0.0.0.0    ie.kis.scr.kaspersky-labs.com    # Kaspersky anti-injection for Internet Explorer

Refrence


As a quick workaround you can just disable that host in hosts file.

Put 

127.0.0.1 gc.kis.scr.kaspersky-labs.com

to

C:\Windows\System32\drivers\etc\hosts

You will need admin rights and maybe notepad++ to edit this file.

How it works

Kaspersky AV seem to transparent proxy the traffic. If they do that on https pages too this means that Kaspersky AV have also installed root certificate to your system.

By putting the line to hosts you are blocking the connection to that hosts, so JS file is not loading (but the code would still be on that page).

I am not familiar with Kaspersky AV options, but if there is no option in settings you'd better don't fight with software that you installed yourself on your pc. If you don't like it - change it, otherwise accept it.

Because even if you remove root certificate - the software would install it again. And I don't know the way how you can block transparent proxy if there is no such option in settings.

Also another tips:

  • Check browser proxy settings maybe it's not transparent proxy, but a usual proxy setting and you can just change browser settings
  • Check browser for plugins, maybe you can just disable Kaspersky AV plugins if there are any

I personally prefer old antivirus versions (with newest database updates of course), because they do only what they should do and nothing more. They are not uploading "suspicious" files to their servers and not injecting anything.

Also I recommend anyone to buy only "AntiVirus", but not "InternetSecurity" or something like that, because that things cost a lot, don't work, slows your browser, and sometimes do some really suspicious things.


I've found the source of these JS files. They are in plugins_facade.dll in Kaspersky dir. Just go ahead and delete the dll file. I did it and it worked!

Related

How to open a browser from terminal
How to disable the output of 7-Zip?
Where exactly L1, L2 and L3 Caches located in computer?
How to run make file from any directory?
Is there a built-in method for computing an SHA-1 or MD5 hash in Windows 7? [duplicate]
Preventing bash from displaying "Done" when a background command finishes executing
What is the purpose of this 4 pin cable with 3 wires that came with an old IDE DVD-ROM drive?
Leap Seconds in Windows
How to find the MAC address of a remote computer?
How do I do a binary diff on two identically sized files under Linux?
apt says packages have been kept back, what to do?
Where do I right-click to get the taskbar menu when the taskbar is full?