Jump to content
Kaspersky Support Forum

Website false positive?

sailor

By sailor
in Virus and Ransomware related questions

 Share
Go to solution Solved by Berny,

Recommended Posts

sailor

sailor

Posted
Posted (edited)

Find https://nswpedia.com/nintendo-switch-roms got positive on Kaspersky as HEUR:Trojan.Script.MalCrack.gen .

However, https://www.virustotal.com/gui/url/65758c5365c663134ad1f7fa0af657096a4a8924f3d6ff5e5cce7f1a3c3c6abf only two showed positive while this report on Kaspersky showed as good website, https://opentip.kaspersky.com/https%3A%2F%2Fnswpedia.com%2Fnintendo-switch-roms/?tab=web . Is it a false positive?

Edited by Berny
Berny

Berny

Posted
Posted

@sailor Welcome

Your URL has been submitted to Kaspersky Virus Lab , the verdict will be provided when available.

  • Like 1
Berny

Berny

Posted
Posted

@sailor

↓ Suspicious link included under directory  https://nswpedia.com/ 🤔↓ (waiting for verdict from K Virus Lab)

dgaf.jpg.5643e48ea27d8d39cf5e37508d7ae035.jpg

 

  • Like 1
  • Solution
Berny

Berny

Posted
  • Solution
Posted
Quote

" Hello,

This detection is correct.
Thank you for your inquiry to Kaspersky.

Best regards, Xxxxxxxxx Xxxxxxxxx, Malware Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 "

 

  • Like 1
Berny

Berny

Posted
Posted

@sailor

29 minutes ago, sailor said:

So this link is really something infected, right.

↓ Here are the  Kaspersky detection details ↓

Quote

Today, 27/02/2026 16:22:42
Event                         : Download denied
User                          :  xxxxxxxxxxxxxxx
User type                 : Initiator
Application name    : firefox.exe
Application path      : C:\Users\xxxxxxxxxxxxxxx
Component              : Safe Browsing
Result description   : Blocked
Type                         : Adware
Name                        : https : //dgaf2ncy4dtan.cloudfront.net/?nfagd
Threat level              : Medium
Object type              : Web page
Object name            : ?nfagd
Object path             : https : //dgaf2ncy4dtan.cloudfront.net
Reason                    : Cloud Protection

↓ Also , uBlock Origin doesn't like it as well ↓

Spoiler

dgaf_ublock.thumb.jpg.114f41f5235bb41da23bec2e16b4b5e6.jpg

 

Berny

Berny

Posted
Posted
1 hour ago, sailor said:

Then you may want to update

nswp.jpg.f1d58a3c140a62fbc2282d77eb5f3baa.jpg

This is what i submitted to Kaspersky Virus Lab : 

Hello, → https://[nswpedia.com/nintendo-switch-roms]

↓ Here are the  Kaspersky detection details ↓

Spoiler

Event                    : Malicious object detected
User                      : xxxxxxxxxx
User type              : Initiator
Application name : firefox.exe
Application path   : C:\Users\xxxxxxxxxx
Component           : Safe Browsing
Result description : Detected
Type                      : Trojan
Name: HEUR         :Trojan.Script.MalCrack.gen
Precision               : Exactly
Threat level           : High
Object type           : File
Object name          : nintendo-switch-roms
Object path            : https : //nswpedia.com
MD5 of an object  : 0D7CFBA000C77E64032421741059A064
Reason                  : Expert analysis

 

Also VirusTotal results are sometimes random.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...