Jump to content
Kaspersky Support Forum

Can't resolve detected HEUR.Trojan-Downloader.Script.Generic [Closed]

LDL707

By LDL707
in Kaspersky Internet Security

 Share
Go to solution Solved by richbuff,

Recommended Posts

LDL707

LDL707

Posted
  • Author
Posted
I have a computer running Windows 10 Professional. I have Kaspersky Internet Security. I was recently alerted to a detection of HEUR.Trojan-Downloader.Script.Generic. When I tried to resolve it, the exclamation point icon turned to a spinning circle for about a second, and then went back to the exclamation point. KIS says that the detection was an e-mail attachment. I use Thunderbird on my desktop, and webmail for Gmail and Outlook. As far as I can tell, I never received an e-mail from the account that it claims the detection was found in. I never opened any unusual attachments. When I click on "Go To File", it takes me to "My Documents" and I find no file there that could be the detected virus. Please advise.
Link to comment
Share on other sites
richbuff

richbuff

Posted
Posted
Welcome. Please, using the complete, detailed detection details, go to the location of the item that was detected, and manually delete the item. Any better? If still no go, please post the full, complete detection details. Full file name, full path, full location, detection verdict. Post screenshot of Reports > Detailed reports > Detected objects. Main Kaspersky window > More Tools > Reports > upper right > Detailed reports > at the upper left, drop down from All Events to Detected objects. How to take and post screenshot: https://support.kaspersky.com/common/diagnostics/492
Link to comment
Share on other sites
LDL707

LDL707

Posted
  • Author
Posted
The location that it says is "Email attachment" and then an address, subject, and time. It doesn't tell me any directory on my computer where I might find it, and I can't find it in any of my e-mail accounts.
Link to comment
Share on other sites
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
Hello LDL707, Additional to Richbuff's instructions:
  1. Even tho the KIS application says "Clean object (email attachment) moved to quarantine by the user" , Kaspersky software has done this automatically. The wording is Kaspersky software "mispeaking", it is poorly written.
  1. Check KIS Quarantine:
In the KIS main application window
  1. select More Tools (1.)
  2. select Quarantine (2. & 3.)
this will open KIS Quarantine and show any objects the KIS application has detected and treated. If there are any objects that match the report you've shown in your screen image, select DELETE or DELETE ALL, to delete objects you do not wish to keep/restore.
  1. After selecting DELETE & or DELETE ALL, allow KIS to complete the process.
  2. REBOOT PC
  3. Run a VULNERABILITY SCAN
and
  1. Run a SELECTIVE SCAN, selecting the following paths to scan:
C:\Program Files (x86)\Rosetta Stone\ C:\Program Files\LibreOffice 5\ ------------------------------------------- Reference documentation: https://help.kaspersky.com/KIS/2019/en-US/68913.htm Quarantine window Objects in Quarantine list Contains a list of files moved to Quarantine. Quarantine is designed for storing backup copies of files that have been deleted or modified during the disinfection process. File This column displays the name of a quarantined file. Right-clicking opens a context menu, from which you can perform the actions available for quarantined files: restore, remove, or open in original folder. Path This column displays the path to the file. Detected This column shows the type of the detected object, for example, Network attack. Date This column shows the date and time when the file was moved to Quarantine. Restore When this button is clicked, Kaspersky Internet Security returns the file selected in the list to the folder in which it had been stored before it was moved to Quarantine. Delete When this button is clicked, Kaspersky Internet Security deletes the file that is selected in the list. Delete all files Clicking this button causes Kaspersky Internet Security to delete all backup copies of files that have been moved to Quarantine https://help.kaspersky.com/KIS/2019/en-US/68950.htm "Quarantine Clicking this link opens the Quarantine window, in which you can view information about files moved to Quarantine. Quarantine stores backup copies of files that have been deleted or modified during the disinfection process. Those copies are stored in a special format that is not dangerous for the computer.
Link to comment
Share on other sites
  • 4 months later...
richbuff

richbuff

Posted
Posted

Welcome. Please, using the complete, detailed detection details, go to the location of the item that was detected, and manually delete the item.

Any better? If still no go, please post the full, complete detection details. Full file name, full path, full location, detection verdict. Post screenshot of Reports > Detailed reports > Detected objects. 
Main Kaspersky window > More Tools > Reports > upper right > Detailed reports > at the upper left, drop down from All Events to Detected objects. 

How to take and post screenshot: https://support.kaspersky.com/common/diagnostics/492

Link to comment
Share on other sites
  • 1 month later...
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted

Greetings,  ! am having a similar issue. Web Antivirus is flagging the attached with no resolution. Web Antivirus incessantly is flagging and blocking and interupting my Outlook.

Would appreciate any assistance you could lend.

Thank you!

Hello  @nwulfkuhle,

Additional to @richbuff,

Do you use Outlook as an installed application?

The detected object may be attached to an email that “appears” to be from a legitimate source, if you find such an email, don’t open it, from within the Outlook application, use the Outlook reporting tools. 

&

Check Kaspersky application, Quarantine, if the object has been quarantined, select RESOLVE or DELETE for Kaspersky to manage the contaminated object. 

Thank you

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing


×
×
  • Create New...