Jump to content

not-a-virus:HEUR:AdWare.Script.Pusher.gen how to fix?


Go to solution Solved by Wesly.Zhang,

Recommended Posts

Posted

Trying to read a manga site I have used for years, I use adblockplus and kaspersky web protection. When I clicked the main page I get these two events about HEUR:AdWare.Script.Pusher.gen

 

 

Event: Download denied
User: DESKTOP-6JBFB3M\Tom
User type: Active user
Application name: firefox.exe
Application path: C:\Program Files\Mozilla Firefox
Component: Web Anti-Virus
Result description: Blocked
Type: Contains adware, auto-dialers, legitimate software that can be used by criminals to damage your computer or personal data
Name: not-a-virus:HEUR:AdWare.Script.Pusher.gen
Precision: Partially
Threat level: Medium
Object type: File
Object name: subscribe.js?v=1.1.0
Object path: https://cdn.siteswithcontent.com/js/push
MD5: 189F6DDD0A08DD184BFE6CD4082874BF
Reason: Expert analysis
Databases release date: Yesterday, 15/03/2021 04:35:00

 

and

 

Event: Detected legitimate software that can be used by intruders to damage your computer or personal data
User: DESKTOP-6JBFB3M\Tom
User type: Active user
Application name: firefox.exe
Application path: C:\Program Files\Mozilla Firefox
Component: Web Anti-Virus
Result description: Detected
Type: Contains adware, auto-dialers, legitimate software that can be used by criminals to damage your computer or personal data
Name: not-a-virus:HEUR:AdWare.Script.Pusher.gen
Precision: Partially
Threat level: Medium
Object type: File
Object name: subscribe.js?v=1.1.0
Object path: https://cdn.siteswithcontent.com/js/push
MD5: 189F6DDD0A08DD184BFE6CD4082874BF
Reason: Expert analysis
Databases release date: Yesterday, 15/03/2021 04:35:00

 

 

Is this just a bad ad that was blocked by adblockplus and reported by kaspersky?
Scanned everything multiple times afterwards and found nothing.

Posted

When I try I get a error messege.

“ An error occurred while sending the object for re-validation. Please try again later. “

Posted

Alright, done, thanks for the help.

  • Solution
Wesly.Zhang
Posted (edited)

FOR GOOGLE:

We have the article for this problem:
https://support.kaspersky.com/10319

@Demiad

--- original post ---

Hello,

It is a push adv from google services: firebase

https://cdn.siteswithcontent.com/js/push/subscribe.js?v=1.1.0

You will open a js file. Its function is create a img object and inject a script in the webpage.

spacer.png

If you understand the function of this script and try to access the following url:

https://www.siteswithcontent.com/firebase-messaging-sw.js

spacer.png

Let’s follow the import scripts url to

https://cdn.siteswithcontent.com/js/push/news-siteswithcontent-sw.js?v=3
spacer.png

Some interesting strings list in your eyes. OK, this case is closed.

Regards.

Edited by Demiad
+solution
Posted

Glad there is nothing to worry about, thanks.

Guest
This topic is now closed to further replies.


×
×
  • Create New...