Kaspersky
Question

Virus Object name: User: SYSTEM - every 4 hours. [MOVED]

  • 26 May 2021
  • 1 reply
  • 57 views

Hello, 

I have problem with  Windows 2016 Standard edition. On that server there is Kaspersky Security 10.1.2.

Last days Kaspersky noticed that there is virus in one user, and from that day till now, every 4 hours I had that message: 

“Probably infected object detected: Trojan HEUR:Trojan.Script.Generic.
Object name: najuvukoto[1].pdf 

Event "Probably infected object detected" occurred on device TERMBU3 in Windows domain SE-EU-KRONOSPAN on Wednesday, May 26, 2021 7:41:31 AM (GMT+02:00) Probably infected object detected: Trojan HEUR:Trojan.Script.Generic. Object name: najuvukoto[1].pdf. User: SYSTEM”

Server is fully updated with last Cumulative patch. I tried to clear suspicious scheduled task, clear temp folder in Windows, but every 4 hours I have message that it is virus. 

Could you give me idea where to find and clear it?

Regards, 


This topic has been closed for comments

1 reply

Userlevel 2
Badge +1

Greetings Admin IT All,

I would recommend first checking if the file is indeed malicious or not by going to our threat intelligence portal: https://opentip.kaspersky.com/  and submitting a copy of the file (If possible).

If it turns out to be a false positive, then I would recommend upgrading the product to the latest version Kaspersky Security 11 for Windows Servers ( 11.0.1.897):

https://support.kaspersky.com/ksws11#downloads

I hope this information helps.

Regards