Jump to content
Kaspersky Support Forum

False Positives of My own Codes and GeeksForGeeks

Veerain
 Share
Go to solution Solved by harlan4096,

Recommended Posts

Veerain

Veerain

Posted
Posted

Specs : 

image.thumb.png.71e444ac4ac88a91d7c39d6621620b1b.png

Ya so today 2 times kts didn't let me code on geeksforgeeks. Here is the info

Event: Download denied
User: MyMachine\MyUsername
User type: Active user
Application name: msedge.exe
Application path: C:\Program Files (x86)\Microsoft\Edge\Application
Component: Web Anti-Virus
Result description: Blocked
Type: Trojan
Name: HEUR:Trojan.Script.Miner.gen
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: _app-475fd0fc86c5f15d.js
Object path: https://www . geeksforgeeks . org/_next/static/chunks/pages
MD5: 3476BF88F39C831FB5C4A09BFA2A95D6
Reason: Expert analysis
Databases release date: Today, 27-3-24 9.33.00 AM

Event: Malicious object detected
User: MyMachine\MyUsername
User type: Active user
Application name: msedge.exe
Application path: C:\Program Files (x86)\Microsoft\Edge\Application
Component: Web Anti-Virus
Result description: Detected
Type: Trojan
Name: HEUR:Trojan.Script.Miner.gen
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: _app-475fd0fc86c5f15d.js
Object path: https://www . geeksforgeeks . org/_next/static/chunks/pages
MD5: 3476BF88F39C831FB5C4A09BFA2A95D6
Reason: Expert analysis
Databases release date: Today, 27-3-24 9.33.00 AM

 

+ Mostly It tags the codes I do on various as malicious and need to restart pc to disinfect.... Not expected from a company like kaspersky... It mostly targets exe generated (practically harmless as I coded them) and is in general not a very nice experience...

Any fixes?? BTW I tried out many things mentioned in the fourms...

image.thumb.png.9f79aca665542d2789b543454ae155f4.png

Mostly all of them focus on disabling the "Perform recommended actions automatically" thing and add it to exceptions and turn it back on... Even then this is repeating....

Link to comment
Share on other sites
Veerain

Veerain

Posted
  • Author
Posted

ya this line is misspelt.. Here is the corrected one.. "Mostly It tags the codes I do on various coding platforms(when I solve them on my pc) as malicious and need to restart pc to disinfect.... "

 

  • Sad 1
Link to comment
Share on other sites
Veerain

Veerain

Posted
  • Author
Posted

@Berny@harlan4096 I have changed my app to kaspersky plus and it shows this...

image.png.153acd4e6fbb08cb6a616d223247e427.png

and it shows this ...

Event: Malicious object detected
User: MymachineName\MyUsername
User type: Initiator
Application name: msedge.exe
Application path: C:\Program Files (x86)\Microsoft\Edge\Application
Component: Safe Browsing
Result description: Detected
Type: Trojan
Name: HEUR:Trojan.Script.Miner.gen
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: _app-475fd0fc86c5f15d.js
Object path:
MD5 of an object: 3476BF88F39C831FB5C4A09BFA2A95D6
Reason: Expert analysis
Databases release date: Yesterday, 27-3-24 7.35.00 PM

I checked its stats on Virus total.. the url given.. and found this..

image.thumb.png.df7e51b54011a6b8b6aa3c8623478d11.png

VirusTotal - URL here is the link ... you can check it for yourself... This is way too many false positives... its like a modern day child has asthma when he visits a farm and his body over reacts over a bee sting (over active immune system).

Which is considered bad even in medicine... 

Please look into this.. if possible share the analysis with technical team.. I will be happy to help debug this.. being a developer my self... I will be happy to help them. (But I wont entertain non official fraudsters.. so your people need to verify themselves..)

Link to comment
Share on other sites
  • Solution
harlan4096

harlan4096

Posted
  • Solution
Posted
Quote

 

Hello,

Sorry, it was a false detection. It will be fixed.
Thank you for your help.

Best regards,
Malware Analyst, Kaspersky
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
https://opentip.kaspersky.com/ - get insights about suspicious files, hashes, URLs, IP addresses or domain names

 

  • Like 1
Link to comment
Share on other sites
harlan4096

harlan4096

Posted
Posted
1 hour ago, Veerain said:

@harlan4096 

@Berny

image.thumb.png.cb6956f36f34152d9b56f659f1a4bc76.png

this is weird.... even kaspersky detects it as safe and somehow is messing up on my pc

Yes, this is clean there, because those engines services usually do not use the full Heur engine (and probably other security mechanisms) that are integrated in a full product.

  • Like 2
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...