Kaspersky
Solved

HEUR:Trojan.Win32Generic detected [Closed]

  • 24 December 2019
  • 19 replies
  • 8130 views

Kaspersky cannot “resolve” this alert:

HEUR:Trojan.Win32Generic detected

All databases are current and I have reset PC multiple times.

What can be done?

icon

Best answer by Wesly.Zhang 25 December 2019, 09:32

Hello,

In additional to what flood said,

  • What’s the mail client setting, POP3/SMTP or IMAP/SMTP and with encryption (SSL) or no encryption? and what mail client do you use.
  • When you press ‘resolve’ button, You need wait at least five minutes for advance cleanup technology to deal with this detection if you enable this way by default. Do you wait? Please let me know the result.
  • If you know what e-mail have this malware attachment, Please sent it to 48284610@qq.com. Let me check this product behavior.

Thank you!

View original

This topic has been closed for comments

19 replies

Userlevel 7
Badge +6

attach a screenshot of the alert window

 

And clicking on RESOLVE button does NOTHING.

Userlevel 7
Badge +9

Hello   @PaulStraten,

Thank you for the image.

:warning: Did the detected object originate from an email?:warning:

  • KIS Reports, please select More Tools, Reports, Detailed Reports, select ALL EVENTS, 7days, select Export, save the report as a .txt file, :paperclip: attach to your reply please?

Thank you:pray_tone3:

As requested.

 

 

Userlevel 7
Badge +9

Hello  @PaulStraten,

Thank you. 

:one::warning: Did the detected object originate from an email?:warning:

The report only has data for 24hours = 24.12.2019 :thinking:

:two: Was 7days selected ?

Please let us know?

Thank you

Yes, I selected 7 days as the drop down option. Would you like me to select a larger sampling?

And I do not know how it originated - it was there after I rebooted the machine. I was getting errors on Outlook from the Kaspersky add-in and when I rebooted I also received the above.

Attached is “30 days” option

Userlevel 7
Badge +9

Hello  @PaulStraten,

Thank you for replying. 

Unfortunately the report is only 24hrs, has Kaspersky been (recently) reinstalled?

  1. Without the full data it’s a little difficult to provide accurate information, however, the detection (looks to me) as tho the source is from an email.
  2. In KIS Quarantine, are there any objects? 
  3. KIS version & patch(x)? x = letter
  4. Have the Kaspersky Outlook Addon errors stopped? refer to my “Note” below. 

Please let me know?

Thank you:pray_tone3:

Note:

Kaspersky advised:

Kaspersky Anti-Spam add-in in Outlook. For Kaspersky versions 2019 and 2020, the Kaspersky add-in is no longer available for Outlook.

Kaspersky Lab Support, Sent: Monday, 16 December 2019 18:04. 

 

  1. How do I have email protection if Kaspersky no longer supports such for Outlook?
  2. How do I delete the infected email?
  3. There is nothing in KIS quarantine
  4. There are no more alerts for Outlook add-in popping up
  5. Where do I find the version info? KIS is not very straightforward in identifying things like that.
Userlevel 7
Badge +9

Hello   @PaulStraten,

Thank you for replying.

  • (1) Good question, I’ve asked Kaspersky the very same question, it’s not easy getting a straight answer, the Kaspersky Lab Experts advise: 

quote: “all “active” Outlook versions are supported, however, the Kaspersky Outlook Addon, for Kaspersky v19 & v20 are not supported ...” unquote

:confused:

Atm, Kaspersky documentation shows Kaspersky Outlook (Anti-Spam) addon still does ALL actions. 

The “discussion” with Kaspersky Lab Experts remains current, due to the fact the  information they’ve provided to date has not established what works and what doesn’t work…

The reason I mention their “advice”, if the Outlook Kaspersky Addons no longer work, it may explain the Outlook Addon errors your system showed..:thinking:

(2) Is the infected email still in Outlook? 

In Outlook mail, search for  “Amazon”  without quotes “ “

  • if there are any mail items found, do not open, please let me know what’s found? 
  • (5) KIS version & patch, Windows Taskbar, hover  :mouse:mouse  over the Kaspersky icon:
  1. Outlook, can you show me an image of all installed Addons please? 
  2. May I have a GSI & Windows Logs, upload zip folder to cloud and post back the link please?

Thank you:pray_tone3:

11:23 :santa_tone4: duty calls, I’ll be back in 2hrs:hand_splayed_tone3:

Stand by - will have to look/send this to you tomorrow as Christmas is about to start in this home!

 

But . . . . . . any issue in your opinion of danger with existing situation on my PC, or should I continue to use?

 

Also, in regards to Kaspersky lack of acceptable service response - - well that is not the customer experience I expect from them as a long time customer. Sounds like its time for another option - - there are many others out there willing to earn my patronage.

Userlevel 7
Badge +9

Hello  @PaulStraten,

Take your time, enjoy the :christmas_tree::sparkles: festivities, whenever you’re ready, I’ll be happy to continue to work with you. 

Re “danger”: It’s very difficult to give a qualified opinion without data, however, that’s why I’ve advised, don’t open any mail that results from the search, from the detection you’ve shown in the image, the contaminated mail has an attached file/object, if opened it may “infect” your system.

  • To specifically manage this object, in KIS Notification Center, select the V, what options are available ?

Please let me know?

Thank you:pray_tone3:

Userlevel 7
Badge +8

And clicking on RESOLVE button does NOTHING.

Also :

1} Please scan again a couple of times drive C and reboot inbetween.

2) You might have to contact K-Lab Technical Support to obtain additional assistance.

Userlevel 7
Badge +9

Hello  @PaulStraten,

:arrow_right: I appreciate you’ve advised “And clicking on RESOLVE button does NOTHING”  however, in KIS Notification Center, select the V DROPDOWN ARROW (beside Resolve), what options are available ? 

Please let me know?

 Thank you:pray_tone3:


 

Also, this is the “advice” from the “experts”, 

From: Kaspersky Lab Support, Sent: Wed, 25 December 2019 12:34

quote

If an application is not supported by the Kaspersky application there are instances some of the features may work. However, it mainly means, technical support is not provided for the said application since it is not supported.”

unquote

Hello - I have the same situation.  This originated with an email.  The options I have available in the drop down are: 

Thank you.

Userlevel 7
Badge +9

Hello  @Exar ,

Welcome!

Thank you for following  my guidance so carefully and for the image:clap_tone3:

May I please have Kaspersky AllEvents Report, if the detection happened in the last 24hrs, select 24hrs, otherwise please select 7days, Export the Report, save as .txt & :paperclip: attach to your reply so I can look at the data please? 

Thank you:pray_tone3:

Userlevel 7
Badge +4

Hello,

In additional to what flood said,

  • What’s the mail client setting, POP3/SMTP or IMAP/SMTP and with encryption (SSL) or no encryption? and what mail client do you use.
  • When you press ‘resolve’ button, You need wait at least five minutes for advance cleanup technology to deal with this detection if you enable this way by default. Do you wait? Please let me know the result.
  • If you know what e-mail have this malware attachment, Please sent it to 48284610@qq.com. Let me check this product behavior.

Thank you!