Jump to content

heur trojan-psw.script.generic


japselrn1

Recommended Posts

japselrn1

Hello 

Every time I visit this webshop, I get a warning message. I have tested the website in the Kaspersky-Tool, where no virus or similar could be found - see attachment.

Why does this message appear (how to fix it?) because the website owner told me that they could not find a virus on their site?

Thank you

 

 

Link to comment
Share on other sites

Flood and Flood's wife

Hello @japselrn1,

Welcome!

What the merchant says may be correct, there is no virus, however, TROJAN-PSW.SCRIPT.GENERIC = Malware of this family steal cookies and website credentials.

  • Log a case with Kaspersky Technical Support, select Malware, Detected threat appears over & over again template - see image1; include all the information you’ve provided here, including images & your research, ask the Kaspersky Lab to let you know if the detection is a false positive; if it’s a legitimate detection, the Lab will provide information to explain to the merchant so they can fix the www.
  • After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will communicate with you, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in your MyKaspersky account.
  • Note, we’ve been able to replicate the detection: see image 2KIS Report & FF log

 Image 1

Image 2

 

Thank you🙏

Flood🐳

Link to comment
Share on other sites

Flood and Flood's wife

Hello @japselrn1,

Additional, adding the KIS Report & FF log I mentioned above & another online scan result:

Thank you🙏

Flood🐳

Link to comment
Share on other sites

Flood and Flood's wife

Hello @japselrn1,

You’re most welcome😃!

Please share the outcome with the Community when it’s available?

Thank you🙏

Flood🐳

Link to comment
Share on other sites

  • 10 months later...
  • 1 year later...

I had the exact same problem when making a purchase on the muscle and strength website. I didn't quite understand what this trojan is about on this site, could anyone give me some guidance or if I should be worried about my personal data?

Event: Download denied
User: DESKTOP-GUEDONE\ander
User type: Active user
Application name: chrome.exe
Application Path: C:\Program Files\Google\Chrome\Application
Component: Web Anti-Virus
Description result: Blocked
Type: Trojan
Name: HEUR:Trojan-PSW.Script.Generic
Precision: Heuristic Analysis
Threat Level: High
Object Type: File
Object path.: https://www.muscleandstrength.com/store/checkout/onepage/success
MD5: E058D66C1F5E0ADF8591AACBD20CA51B
Reason: Expert analysis
Database release date: Today, 11/25/2022 11:59:00

Link to comment
Share on other sites

Flood and Flood's wife
5 hours ago, Guedones said:

I had the exact same problem when making a purchase on the muscle and strength website.

I didn't quite understand what this trojan is about on this site, could anyone give me some guidance or if I should be worried about my personal data?

  • Event: Download denied
  • Description result: Blocked
  • Name: HEUR:Trojan-PSW.Script.Generic
  • Precision: Heuristic Analysis
  • MD5: E058D66C1F5E0ADF8591AACBD20CA51B

Hello @Guedones

Welcome!

  1. (Your) installed Kaspersky software blocked the Download (Download denied). 
  2. TROJAN-PSW.SCRIPT.GENERIC: Malware of this family steal cookies and website credentials
  3. E058D66C1F5E0ADF8591AACBD20CA51B
  4. VT https://www.muscleandstrength.com/store/checkout/onepage/success
  5. Please read & follow: Kaspersky application blocks my website or application. What should I do? & False detections by Kaspersky products. What to do?
  6. We tried to process a txn at the site, however, we could not replicate the error, nor could we successfully complete the txn, the detection may be a false positive *but* the only people qualified to make that assessment are Kaspersky's Virus Lab experts, please log a case with Kaspersky support, on the support page, select either Email or Chat, then fill in Malware, False positive template; support may request logs, traces & other data; they will guide you. 

Please share the outcome with the Community, when it's available? 

Thank you?
Flood?+?

Edited by Flood and Flood's wife
Link to comment
Share on other sites

On 11/26/2022 at 3:51 AM, Guedones said:

I had the exact same problem when making a purchase on the muscle and strength website. I didn't quite understand what this trojan is about on this site, could anyone give me some guidance or if I should be worried about my personal data?

Event: Download denied
User: DESKTOP-GUEDONE\ander
User type: Active user
Application name: chrome.exe
Application Path: C:\Program Files\Google\Chrome\Application
Component: Web Anti-Virus
Description result: Blocked
Type: Trojan
Name: HEUR:Trojan-PSW.Script.Generic
Precision: Heuristic Analysis
Threat Level: High
Object Type: File
Object path.: https://www.muscleandstrength.com/store/checkout/onepage/success
MD5: E058D66C1F5E0ADF8591AACBD20CA51B
Reason: Expert analysis
Database release date: Today, 11/25/2022 11:59:00

Hello, @Guedones

I think this is a false positive, there is no any malware script in that page. But there are some other reason to let you encounter this issue. The first is your browsers addones. The secound is the website request back special html code to you, different from me. So you can disable all browsers addone and re-open the browser to check this issue first. If it is not work, Please reply back here.

Regards.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...