Kaspersky
Solved

KIS detects and blocks a trojan download from google search for jackalope

  • 30 July 2021
  • 3 replies
  • 87 views

hello!

today when i google searched “jackalope”, KIS detected a malicious object and blocked a download from svinews.com article related to jackalopes. i have not clicked on any links in the search at all, which is what left me confused the most and above all a little anxious. i tried googling the same thing again and the same thing happened, except now it also detected and blocked a download from webcache.googleusercontent.com search cache.

 

this the information on the object:

 

Event: Malicious object detected
User type: Active user
Application name: chrome.exe
Application path: C:\Program Files (x86)\Google\Chrome\Application
Component: Web Anti-Virus
Result description: Detected
Type: Trojan
Name: HEUR:Trojan-PSW.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object path: https://svinews.com/the-story-of-the-jackalope-from-facts-to-fables
MD5: 3CFD6A66C298901F1D7EF1338F790B4C
Reason: Expert analysis
Databases release date: Today, 30/07/2021 09:58:00

 

Event: Download denied
User type: Active user
Application name: chrome.exe
Application path: C:\Program Files (x86)\Google\Chrome\Application
Component: Web Anti-Virus
Result description: Blocked
Type: Trojan
Name: HEUR:Trojan-PSW.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object path: https://svinews.com/the-story-of-the-jackalope-from-facts-to-fables
MD5: 3CFD6A66C298901F1D7EF1338F790B4C
Reason: Expert analysis
Databases release date: Today, 30/07/2021 09:58:00

 

i am currently running a full scan on my computer and i will let you know if any malicious files are detected.

 

can a google search download a virus to my computer like this? is this normal? should i be concerned (i am concerned)

 

thank you in advance for your response!

icon

Best answer by Wesly.Zhang 2 August 2021, 07:31

thank you so much for the fast response!

that sets my mind at ease a bit. 

but i do have to say, i am still curious as to why there was an attempted download from a site that was probably only listed in the google search results which i did not visit at all… does anyone have an answer to that?


Hello @vanxious 

Please check whether the bowers addones do this behavior or not. There is a high probability that they are doing this “good” things.

Regards.

View original

3 replies

Userlevel 7
Badge +8

@vanxious  Welcome.

As Kaspersky blocked the detected object you shouldn’t be concerned.
Please submit the url here https://opentip.kaspersky.com and “Submit to reanalyze”

Kaspersky Whitelist report :

https://whitelist.kaspersky.com/advisor#search/3CFD6A66C298901F1D7EF1338F790B4C

thank you so much for the fast response!

that sets my mind at ease a bit. 

but i do have to say, i am still curious as to why there was an attempted download from a site that was probably only listed in the google search results which i did not visit at all… does anyone have an answer to that?

Userlevel 7
Badge +5

thank you so much for the fast response!

that sets my mind at ease a bit. 

but i do have to say, i am still curious as to why there was an attempted download from a site that was probably only listed in the google search results which i did not visit at all… does anyone have an answer to that?


Hello @vanxious 

Please check whether the bowers addones do this behavior or not. There is a high probability that they are doing this “good” things.

Regards.

Reply