Jump to content
Kaspersky Support Forum

Reason: object is infected HEUR:Trojan-PSW.Script.Generic

ToddLee
 Share

Recommended Posts

ToddLee

ToddLee

Posted
Posted

Hi Guys

Please help.

 

One of my websites provides access denied:

Prevented downloading of a dangerous object Prevented downloading of a malicious file or other object designed to infect your computer with malware that will slow it down, break the system or lead to other problems. You were protected from downloading this object by Kaspersky security. You can close this window with no risk.

Detected at: 2/12/2024 10:55:30 AM

Web address: https:// www . plaud . ai/
 

Reason: object is infected HEUR:Trojan-PSW.Script.Generic

 

I checked the website with your threat intelligence portal and it passed all - no viruses found.

https://opentip.kaspersky.com/plaud.ai/?tab=web

 

Please assist.

 

Link to comment
Share on other sites
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted (edited)
1 hour ago, ToddLee said:

One of my websites provides access denied:

Reason: object is infected HEUR:Trojan-PSW.Script.Generic

I checked the website with your threat intelligence portal and it passed all - no viruses found.

https://opentip.kaspersky.com/plaud.ai/?tab=web

Hello @ToddLee

Welcome!

  1. We've submitted the issue to Kaspersky's Virus Lab, to determine the root cause, KVLAB - are the *only* Kaspersky team *qualified* to make a diagnosis. Please wait for their advice, we'll post as soon as it's available:
  2. https://opentip.kaspersky.com/https%3A%2F%2Fwww.plaud.ai%2F/?tab=lookup
  3. https://www.virustotal.com/gui/domain/www.plaud.ai/detection

USER_2024-02-22_173824.thumb.png.614da6dc71fc555dbaa12444eff673a1.png

USER_2024-02-22_173840.thumb.png.39d17a37ffa100d3baabc6eea6967eea.png

USER_2024-02-22_174701.thumb.png.80acbcf68aa49dcdf97b203e18381415.png

Thank you🙏
Flood🐳+🐋

Edited by Flood and Flood's wife
added image
  • Like 1
Link to comment
Share on other sites
Berny

Berny

Posted
Posted

@ToddLee

Here is the verdict from Kaspersky Virus Lab

  • Submitted →  02/22/2024 14:31:15 PM - CET (GMT +1)
  • Verdict       → 02/22/2024 14:36:00 PM - CET (GMT +1)
Quote

" Hello,

This is not a false alarm. This site is infected.
Here is the malicious code:
<script>window["\u0064   ..........   btoa(_0x33ce41)});}};_0x136862['send']();});</script>
If you are a webmaster, please remove the above code from the page. Also we strongly recommend that you change passwords to all services that can be used to modify website contents because they may have been stolen.

Best regards, Xxxxxxxx Xxxxxxxx , Malware Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia "

 

  • Like 2
Link to comment
Share on other sites
ToddLee

ToddLee

Posted
  • Author
Posted

 

On 2/22/2024 at 9:51 PM, Berny said:

@ToddLee

Here is the verdict from Kaspersky Virus Lab

  • Submitted →  02/22/2024 14:31:15 PM - CET (GMT +1)
  • Verdict       → 02/22/2024 14:36:00 PM - CET (GMT +1)

 

 

@Berny  

Thank you.
Because we are using Shopify's SAAS service, all page codes are generated automatically by Shopify, so it may not be easy to modify.
We will try to coordinate with Shopify's engineers to see if there is a solution.


Thank you again.

  • Like 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...