Kaspersky
Question

HEUR:Trojan.Win32Generic detected -[Subject:Amazon Invoice...]

  • 25 December 2019
  • 17 replies
  • 7795 views

Kaspersky cannot “resolve” this alert:

HEUR:Trojan.Win32Generic detected

All databases are current and I have reset PC multiple times.

What can be done?


17 replies

Userlevel 7
Badge +8

Hello @PaulStraten,


can you tell us anything more specific about the location?
Is it a file on the computer or a http(s) connection?

It mentions an object: [From:Amazon.com][Subject:Amazon Invoice #111-9524719-3018295” that I cannot find anywhere in any of my folders or on my hard drive files, etc.

 

Userlevel 7
Badge +8

This looks like an email attachment.
The mail might be in the spam folder of your email program, maybe also in the deleted mails.
If you access the mails via browser, it could be in the browser cache.
Can you see anything in this sense?

I have looked in all of those and nothing exists - I am stumped!

Userlevel 7
Badge +8

OK, let's try this:
please post us the full path to the file in question, starting with 'C:\'.
You'll find it in the reports.
Depending on the KL version '(More Tools)->Reports->Detailed Reports->Detected Objects'. There the file should be listed with full path name.

See attached two screenshots below. The path does not exist on the detected malware in question.

 

 

 

And I have searched every email folder and this does not appear anywhwere. I also cleared all browser caches.

Userlevel 7
Badge +8

Thank you, I see.

So this is an email that arrived in your mailbox on 28 october 2019 at 13:07. The sender is allegedly 'Amazon.com', the subject is 'Amazon Invoice #111-95...'.
The mail has an image (.img) with the same name attached, this is suspected malware (HEUR.).

If you can't find the mail with this information, please tell us the program you use to access the mails. Maybe you have to compress a folder for final deletion.

Yes, I understand.

 

However, after I have searched ALL email folders I have not been able to find that email (or img attachment) anywhere in my email folders or on my hard drive.

 

I use OUTLOOK and am on a Microsoft Exchange account.

 

How should I search in a more comprehensive way?

Further, I have deleted every folder in my emails in the TRASH, SPAM, SENT, folders as well. So I am not sure where that email/attachment could be hiding.

Userlevel 7
Badge +9

Hi, @PaulStraten 

Try sorting the letters by date and delete the letter dated 10/28/2019, then empty the email basket.
After that, clean the antivirus reports: Settings -> Additional -> Reports and Quarantine -> Clear https://help.kaspersky.com/KIS/2020/en-US/68263.htm

Userlevel 7
Badge +11

Hello  @PaulStraten,

Also,  (your) two Topics: in categories KIS & KAV, do you have the same issue on 2 devices?:thinking:

&

If the original  'Amazon Invoice #111-95...'. mail was in Outlook Junk Mail folder, Outlook deletes Junk Mail on a 10 day cycle, from the Outlook side, presumably all October Junk Mail will have been deleted.

Is there .pst file file saved locally?

Was OL Mail recently setup?

Has your Windows account been refreshed?

For either one of the topics, have you requested assistance from Kaspersky Technical Support?

Please let us know?

Thank you.

I “THINK” that this resolved the issue! After performing these steps the message went away. Fingers crossed!

 

 

Userlevel 7
Badge +11

Hello  @PaulStraten,

Clearing Kaspersky application Reports & Quarantine will remove existing Kaspersky Report data, if the source data still exists, it may, at some stage, be reported again by Kaspersky application.

Thank you.

Reply