Jump to content
Kaspersky Support Forum

Infected page

Potato.soup

By Potato.soup
in Virus and Ransomware related questions

 Share
Go to solution Solved by Flood and Flood's wife,

Recommended Posts

Potato.soup

Potato.soup

Posted
Posted

Hello,

I would like to post a problem that I am facing.

Basically, Kaspersky FREE is blocking access to a certain webpage due to "infection". I scanned the page with Virustotal and the page seems to be “clean”.

Every page on that website is marked as “infected” by HEUR:Trojan-PSW.Script.Generic

Virustotal reports no infections, nor does the browser show any infections.

Could you please check it ?

Operating system : Win 11 home with latest updates.
Kaspersky version : 21.16.6.467(c)

All pages blocked on this website : https:// infinityscans . net

Screenshot 2024-05-01 204451.jpg

Flood and Flood's wife

Flood and Flood's wife

Posted
Posted (edited)
6 hours ago, Potato.soup said:

Win 11 home with latest updates.
Kaspersky Free v21.16.6.467(c)

  • Kaspersky Free is blocking access to website : https:// infinityscans . net.
  • Every page is marked as “infected” by HEUR:Trojan-PSW.Script.Generic
  • I scanned the page with Virustotal and the page seems to be “clean”. Virustotal reports no infections, nor does the browser show any infections.
  • Could you please check it ?

Hello @Potato.soup

Welcome!

We're unable to replicate the issue. 

  1. Please share the *full* Windows 11 OS & build information, read: How to find the version of your operating system?
  2. Please update the Kaspersky Free Anti-virus bases: How to start an update of databases and application modules
  3. Check if the issue persists, IF it does, please shutdown the computer using SHUTDOWN not Restart, when the computer if fully OFF - power ON by pressing the power button, login. 
  4. Run *another* Database update
  5. Recheck if KF is still blocking infinityscans? 
  6. Recheck in *all* supported browsers - Edge, Firefox, Chrome - does HEUR:Trojan-PSW.Script.Generic show in *all* browsers? 

image.thumb.png.f307ff51df057adf82ba9ec9a9b711df.png

image.thumb.png.75a2fbcfb5cc33dd307981859517fedd.png

image.thumb.png.4373dc613850831ef55dbd9ac147a530.png

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

Edited by Flood and Flood's wife
Added 6.
Potato.soup

Potato.soup

Posted
  • Author
Posted
On 5/2/2024 at 3:25 AM, Flood and Flood's wife said:

Hello @Potato.soup

Welcome!

We're unable to replicate the issue. 

  1. Please share the *full* Windows 11 OS & build information, read: How to find the version of your operating system?
  2. Please update the Kaspersky Free Anti-virus bases: How to start an update of databases and application modules
  3. Check if the issue persists, IF it does, please shutdown the computer using SHUTDOWN not Restart, when the computer if fully OFF - power ON by pressing the power button, login. 
  4. Run *another* Database update
  5. Recheck if KF is still blocking infinityscans? 
  6. Recheck in *all* supported browsers - Edge, Firefox, Chrome - does HEUR:Trojan-PSW.Script.Generic show in *all* browsers? 

image.thumb.png.f307ff51df057adf82ba9ec9a9b711df.png

image.thumb.png.75a2fbcfb5cc33dd307981859517fedd.png

image.thumb.png.4373dc613850831ef55dbd9ac147a530.png

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

The issue is when opening any chapter I get this warning of an "infection"


Windows 11 version : 23H2 (build 22631.3527)

The issue is repeatable on Edge, Vivaldi, Firefox, Floorp.
 

  • Thanks 1
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
14 minutes ago, Potato.soup said:

Windows 11 version : 23H2 (build 22631.3527)

The issue is when opening any chapter I get this warning of an "infection"

The issue is repeatable on Edge, Firefox, Vivaldi, Floorp.

Hello @Potato.soup

Thank you for posting back!

The issue has been reported to Kaspersky's Virus Lab experts, we'll update this topic when they reply. 

FYI: neither Vivaldi, Floorp are supported, read: Kaspersky Free, Browser support

image.thumb.png.182cfe933aef7c9a6b06a8b5a9e55785.png

Thank you🙏
Flood🐳+🐋

  • Like 2
Berny

Berny

Posted
Posted

@Potato.soup

Here is the verdict that i just obtained from Kaspersky Virus Lab within  a very short time !
 

Quote

" Hello,

This is not a false alarm. This site is infected.
Here is the part of malicious code:
(function(){var wHz='',kby=186-175  ...

If you are a webmaster, please remove the above code from the page. Also we strongly recommend that you change passwords to all services that can be used to modify website contents because they may have been stolen.

Best regards, Xxxxxxxx Xxxxxxxx , Malware Analyst "
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700

 

  • Like 1
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
15 hours ago, Potato.soup said:

The issue is when opening any chapter I get this warning of an "infection"

Hello @Potato.soup

Here is the full report from Kaspersky's Virus Lab experts:

image.thumb.png.9645810fee9ec05c6d1189d74527b568.png

Please let us know if Infinity changes their position from what they just stated? 

Thank you🙏
Flood🐳+🐋

Potato.soup

Potato.soup

Posted
  • Author
Posted (edited)
On 5/4/2024 at 3:44 AM, Flood and Flood's wife said:

FYI: neither Vivaldi, Floorp are supported, read: Kaspersky Free, Browser support

Thank you the your reply, but how is it not supported and kaspersky still blocks the "bad" sites that are infected ?

Edited by Potato.soup
  • Thanks 1
Potato.soup

Potato.soup

Posted
  • Author
Posted
On 5/4/2024 at 6:06 PM, Flood and Flood's wife said:

Hello @Potato.soup

Here is the full report from Kaspersky's Virus Lab experts:

image.thumb.png.9645810fee9ec05c6d1189d74527b568.png

Please let us know if Infinity changes their position from what they just stated? 

Thank you🙏
Flood🐳+🐋

Yeah the webmaster of the website answered and this is their reply regarding the "infection"

"The code they mentioned is just part of our anti-adblocker code. Which only detects if someone is using an adblocker. It has nothing to do with a trojan. I'll add Kaspersky to the list of applications that don't have good developers.
I take security very seriously!!!!!"

So, it's ad-detection code, but still I can not access it due to the "infected code" in question

  • Thanks 1
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted (edited)
13 minutes ago, Potato.soup said:

Yeah the webmaster of the website answered.

Hello @Potato.soup

Thank you. 

Yes, we had a conversation with them on Saturday. 

The issue is *already* in hand with KVLE. 

We'll post as soon as they send their re-analysis. 

Thank you🙏
Flood🐳+🐋

Edited by Flood and Flood's wife
grammar
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
1 minute ago, Potato.soup said:
  1. how is it not supported and Kaspersky still blocks the "bad" sites that are infected ?

Hello @Potato.soup

The "not supported" advice is related to: IF there is/was an issue with the Kaspersky software & either Vivaldi & OR Floorp & a Kaspersky subscriber sought support from KCS, it would not be provided. 

  1. Re the *detections*, please read: What is Heuristic Analysis? & an older article but still relevant: System Watcher gets smarter

Thank you🙏
Flood🐳+🐋

  • Solution
Flood and Flood's wife

Flood and Flood's wife

Posted
  • Solution
Posted
12 hours ago, Potato.soup said:

Yeah the webmaster of the website answered

Hello @Potato.soup

KVLE have reverted: 

 image.thumb.png.6ace4b23eb30a6c2c14add967cdd07d5.png

  • Please run a Database update & recheck; our recheck generated an ad-block from Adblock Plus, nothing from Kaspersky

image.thumb.png.66e8e429bb591d671fa0d74dd8104af2.png

Any issues or concerns please post back? 
Thank you🙏
Flood🐳+🐋

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...