Jump to content
Kaspersky Support Forum

False Positive: HEUR:Trojan.Script.Generic [Solved][Closed]

bobbyray123

By bobbyray123
in Kaspersky Total Security

 Share
Go to solution Solved by Flood and Flood's wife,

Recommended Posts

Wesly.Zhang

Wesly.Zhang

Posted
Posted
Wesly.Zhang, The detection occurs with 3 different Kaspersky products: KTS, KCS, KISA - updated databses, 3 clean browsers, 3 different devices and 3 different geographical locations.
Hello, FLOOD What‘s your product database release date? If the database update successfully, you still encounter this behavior. You do the following steps to clean the AVP database cache loaded by the product.
  1. Disable self-defense and exit product;
  2. Go to C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache;
  3. Delete all the files and folders in Cache folder;
  4. Start product and enable self-defense;
  5. Re-check this issue.
Regards.
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
Wesly.Zhang Procedure attempted using elevated admin - unable to clear cache due to no option available to grant permission
Wesly.Zhang

Wesly.Zhang

Posted
Posted
Wesly.Zhang Procedure attempted using elevated admin - unable to clear cache due to no option available to grant permission
Hello, FLOOD Do you disable self-defense and exit product first? There is no avp.exe, avpui.exe process in process manager window? and then Delete all files and folders. I can clean all the files and folders without any problem. Regards.
Wesly.Zhang

Wesly.Zhang

Posted
Posted
Hello Wesly.Zhang Regards
Hello,FLOOD I see kaspersky password manager. Please exit all kaspersky products. KSC,KPM, etc. Any better? If it still not go, please do a little test: Go to c:\program files(x86)\kaspersky lab\{product name}\.copy avp.exe to the desktop and delete the original one. If it can't be done, AVP self-denfense don't be closed even if you disable it in product GUI. Let me know the result of little test. Regards.
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
Please exit all kaspersky products. KSC,KPM.
Hello Wesly.Zhang
---
  1. Re: Test: c:\program files(x86)\kaspersky lab\{product name}\.copy avp.exe to the desktop
---
  1. Re: Delete original avp.exe
  1. Re: "AVP self-denfense can't be closed",
AVP self-defense is closed. ----
  1. Why is this necessary?
  2. Has Kaspersky released the fix Wesly.Zhang, Anton Mefodys ?
Regards.
Wesly.Zhang

Wesly.Zhang

Posted
Posted
Please exit all kaspersky products. KSC,KPM.
Hello Wesly.Zhang
---
  1. Re: Test: c:\program files(x86)\kaspersky lab\{product name}\.copy avp.exe to the desktop
---
  1. Re: Delete original avp.exe
  1. Re: " AVP self-denfense can't be closed",
AVP self-defense is closed. ----
  1. Why is this necessary?
  2. Has Kaspersky released the fix Wesly.Zhang, Anton Mefodys ?
Regards.
Hello, FLOOD This is strange behavior. Let's do the second test:
  1. confirm self-defense is turn off. "Settings --> Additional --> Self-defense --> confirm uncheck "Enable Self-Defense"".
  2. Setting --> General section --> uncheck "Launch Kaspersky Internet Security at computer startup (recommended)"
  3. reboot pc
  4. Go to C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\Cache folder.
  5. Delete all files and folders.
Let me konw the result. Regards.
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
Hello Wesly.Zhang, Sure I will continue with this excercise, however, please advise, has the "fix" been applied & distributed globally? Please let me know? Thanks.
Wesly.Zhang

Wesly.Zhang

Posted
Posted
Hello Wesly.Zhang, Sure I will continue with this excercise, however, please advise, has the fix been applied & distributed globally?
Hi, It should have done for global users. ? Regards.
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
Hello Wesly.Zhang, Cache cleared. Upd's are automated, synchronised with Kaspersky servers and time correct. 08.08.2019 19.30, impacted users advised Kaspersky software stopped throwing alerts. Thanks.
  • 8 months later...
giacomocelli

giacomocelli

Posted
Posted

Good morning,

I don’t know if this is the right place but I have the same problem on my website with only your products. My site is mosstrend and when I’m going to the checkout page I recive the message below. 

Thanks in advance for your support.

 

Flood and Flood's wife

Flood and Flood's wife

Posted
Posted

Hello @giacomocelli,

Welcome!

  • The detection may be valid or it may be a false positive.
  • Please raise a case with Kaspersky Technical Support, please provide a detailed history, images, they may ask for Traces, captured as the issue is replicated. Ask them to determine if the detection is correct. 
  • After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will communicate with you, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in your MyKaspersky account.

 

 

 

 

 

 

 Thank you🙏

Flood🐳

Guest
This topic is now closed to further replies.
 Share
Go to topic listing


×
×
  • Create New...