Safe Browsing Blocked Download When Using Google Search

Monday at 06:45 PM

I was doing some Google search earlier and Kaspersky popped up saying Malicious object detected, I double-checked and did some further research I suspect it's related to the preload function (I've already turned it off) in Google Chrome, do I need to do anything on my end like reinstalling the OS or clear browser cache? Here's the report I got from Kaspersky

Quote

Event: Download denied
User type: Initiator
Application name: chrome.exe
Application path: C:\Program Files\Google\Chrome\Application
Component: Safe Browsing
Result description: Blocked
Type: Trojan
Name: HEUR:Trojan.Script.Generic
Precision: Heuristic analysis
Threat level: High
Object type: File
Object path: https://aynrand.org
MD5 of an object: E6C72A14F853751246A45FE954F6B58C
Reason: Expert analysis
Databases release date: Today, 3/17/2025 12:12:00 PM

Event: Malicious object detected
User type: Initiator
Application name: chrome.exe
Application path: C:\Program Files\Google\Chrome\Application
Component: Safe Browsing
Result description: Detected
Type: Trojan
Name: HEUR:Trojan.Script.Generic
Precision: Heuristic analysis
Threat level: High
Object type: File
Object path: https://aynrand.org
MD5 of an object: 71614E2EE01C18730061633A6412E8FF
Reason: Expert analysis
Databases release date: Today, 3/17/2025 12:12:00 PM

And I just got another detection and block from copying and pasting the report from Kaspersky

I've already done a full scan in Kaspersky and it says no threats detected

2025-03-18T06:09:55Z

Welcome to K. Community.

Yesterday I reported that site to K. analysts, and this is their reply:

Quote

Hello,

This is not a false alarm. This site is infected.

Here is the malicious code:

;;if(typeof zqxq==="undefined"){(function(N,M){v

If you are a webmaster, please remove the above code from the page. Also we strongly recommend that you change passwords to all services that can be used to modify website contents because they may have been stolen.

I don't know what You were browsing to get that warning, but this is not a false positive.

If You continue getting it, check Your browsers add-ons for suspicious ones, clear browser cache, do a reset config of Your browser, run a K. scan of the system.

2025-03-18T09:08:16Z

2 hours ago, harlan4096 said:

Welcome to K. Community.

Yesterday I reported that site to K. analysts, and this is their reply:

I don't know what You were browsing to get that warning, but this is not a false positive.

If You continue getting it, check Your browsers add-ons for suspicious ones, clear browser cache, do a reset config of Your browser, run a K. scan of the system.

I was only doing some Google searches, didn't click on any links or download anything (fully stayed on Google), I only get the warning (same warning every time) when I search for a specific term on Google so I suspect it's caused by the preload function of the Chrome browser, but again I also received the same warning when I was trying to copy paste the Kaspersky report to the post after the addresses in the report turned into a hyperlink (already have the preload function turned off).

I already cleared my caches from the last 7 days, didn't install any new extensions (if that's what you meant by add-ons) since maybe like last year so I don't think that's the problem. Did multiple full scans in Kaspersky and it says no threats detected.

Is there anything I should be worrying about? Should I take any further action?

2025-03-18T09:26:00Z

Ok, if You use a different browser, for example, FireFox, You get the same detection?

Also, download this tool: https://www.malwarebytes.com/adwcleaner

Run a scan, once ended, don't remove anything if detected, 1st copy/paste the result of the scan in Your next post.

2025-03-18T10:10:49Z

Quote

# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support:
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-18-2025
# Duration: 00:00:08
# OS: Windows 11 (Build 26100.3194)
# Scanned: 32093
# Detected: 8

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F30ED44-285D-43A4-99F2-B00E9751BB59}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D06E77C0-E5D8-41B2-89DF-1991CA59492C}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEIPInvitation
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UEIPINVITATION
Preinstalled.UserExperienceImprovementProgramService Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM SERVICE\FRAMEWORK

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support:
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-18-2025
# Duration: 00:00:07
# OS: Windows 11 (Build 26100.3194)
# Scanned: 32103
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [2382 octets] - [18/03/2025 09:46:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support:
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-18-2025
# Duration: 00:00:07
# OS: Windows 11 (Build 26100.3194)
# Scanned: 32096
# Detected: 8

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F30ED44-285D-43A4-99F2-B00E9751BB59}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D06E77C0-E5D8-41B2-89DF-1991CA59492C}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEIPInvitation
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UEIPINVITATION
Preinstalled.UserExperienceImprovementProgramService Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM SERVICE\FRAMEWORK

AdwCleaner[S00].txt - [2382 octets] - [18/03/2025 09:46:35]
AdwCleaner[S01].txt - [1483 octets] - [18/03/2025 09:48:04]
AdwCleaner[S02].txt - [1544 octets] - [18/03/2025 09:48:38]
AdwCleaner[S03].txt - [2565 octets] - [18/03/2025 09:54:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support:
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-18-2025
# Duration: 00:00:07
# OS: Windows 11 (Build 26100.3194)
# Scanned: 32094
# Detected: 8

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F30ED44-285D-43A4-99F2-B00E9751BB59}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D06E77C0-E5D8-41B2-89DF-1991CA59492C}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEIPInvitation
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UEIPINVITATION
Preinstalled.UserExperienceImprovementProgramService Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM SERVICE\FRAMEWORK

AdwCleaner[S00].txt - [2382 octets] - [18/03/2025 09:46:35]
AdwCleaner[S01].txt - [1483 octets] - [18/03/2025 09:48:04]
AdwCleaner[S02].txt - [1544 octets] - [18/03/2025 09:48:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

I've run a couple of scans using the Malwarebytes adwcleaner, it doesn't seem to have detected anything apart from some software preinstalled on my laptop, I couldn't test the search on other browsers at this moment since I only have Chrome installed and I don't wanna risk it. I could upload the .txt files of the logs of the Malwarebytes scan if it's required.

2025-03-18T10:58:43Z

Agree, nothing suspicious in the logs, no need to upload the txt.

I would try with a different browser.

2025-03-18T11:04:04Z

Apart from trying a different browser is there anything else I should do? How do I make sure that I'm in the clear? If possible, I'd also like to know what the malicious code does. Thank you!

2025-03-18T11:27:30Z

Your K. blocked the access to that site, so...

https://encyclopedia.kaspersky.com/knowledge/heuristic-and-proactive-detections/

Safe Browsing Blocked Download When Using Google Search

Recommended Posts

saladass4321

harlan4096

saladass4321

harlan4096

saladass4321

harlan4096

saladass4321

harlan4096

Please sign in to comment

Forum

Products

Support

Personal Account