Jump to content
Kaspersky Support Forum

False Positive: HEUR:Trojan.Script.Generic [Solved][Closed]

bobbyray123

By bobbyray123
in Kaspersky Total Security

 Share
Go to solution Solved by Flood and Flood's wife,

Recommended Posts

Wesly.Zhang

Wesly.Zhang

Posted
Posted
Wesly.Zhang, The detection occurs with 3 different Kaspersky products: KTS, KCS, KISA - updated databses, 3 clean browsers, 3 different devices and 3 different geographical locations.
Hello, FLOOD What‘s your product database release date? If the database update successfully, you still encounter this behavior. You do the following steps to clean the AVP database cache loaded by the product.
  1. Disable self-defense and exit product;
  2. Go to C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache;
  3. Delete all the files and folders in Cache folder;
  4. Start product and enable self-defense;
  5. Re-check this issue.
Regards.
Link to comment
Share on other sites
Wesly.Zhang

Wesly.Zhang

Posted
Posted
Wesly.Zhang Procedure attempted using elevated admin - unable to clear cache due to no option available to grant permission
Hello, FLOOD Do you disable self-defense and exit product first? There is no avp.exe, avpui.exe process in process manager window? and then Delete all files and folders. I can clean all the files and folders without any problem. Regards.
Link to comment
Share on other sites
Wesly.Zhang

Wesly.Zhang

Posted
Posted
Hello Wesly.Zhang Regards
Hello,FLOOD I see kaspersky password manager. Please exit all kaspersky products. KSC,KPM, etc. Any better? If it still not go, please do a little test: Go to c:\program files(x86)\kaspersky lab\{product name}\.copy avp.exe to the desktop and delete the original one. If it can't be done, AVP self-denfense don't be closed even if you disable it in product GUI. Let me know the result of little test. Regards.
Link to comment
Share on other sites
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
Please exit all kaspersky products. KSC,KPM.
Hello Wesly.Zhang
---
  1. Re: Test: c:\program files(x86)\kaspersky lab\{product name}\.copy avp.exe to the desktop
---
  1. Re: Delete original avp.exe
  1. Re: "AVP self-denfense can't be closed",
AVP self-defense is closed. ----
  1. Why is this necessary?
  2. Has Kaspersky released the fix Wesly.Zhang, Anton Mefodys ?
Regards.
Link to comment
Share on other sites
Wesly.Zhang

Wesly.Zhang

Posted
Posted
Please exit all kaspersky products. KSC,KPM.
Hello Wesly.Zhang
---
  1. Re: Test: c:\program files(x86)\kaspersky lab\{product name}\.copy avp.exe to the desktop
---
  1. Re: Delete original avp.exe
  1. Re: " AVP self-denfense can't be closed",
AVP self-defense is closed. ----
  1. Why is this necessary?
  2. Has Kaspersky released the fix Wesly.Zhang, Anton Mefodys ?
Regards.
Hello, FLOOD This is strange behavior. Let's do the second test:
  1. confirm self-defense is turn off. "Settings --> Additional --> Self-defense --> confirm uncheck "Enable Self-Defense"".
  2. Setting --> General section --> uncheck "Launch Kaspersky Internet Security at computer startup (recommended)"
  3. reboot pc
  4. Go to C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache folder.
  5. Delete all files and folders.
Let me konw the result. Regards.
Link to comment
Share on other sites
  • 8 months later...
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted

Hello @giacomocelli,

Welcome!

  • The detection may be valid or it may be a false positive.
  • Please raise a case with Kaspersky Technical Support, please provide a detailed history, images, they may ask for Traces, captured as the issue is replicated. Ask them to determine if the detection is correct. 
  • After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will communicate with you, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in your MyKaspersky account.

 

 

 

 

 

 

 Thank you🙏

Flood🐳

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing


×
×
  • Create New...