Kaspersky
Solved

object infected by HEUR:Trojan-PSW.Script.Generic [Closed]


Hi KIS Team,

I'm an engineer working for a company, We have S3 for hosting some resources files like js, images, etc...
And we have several buckets for different environments, I came a cross a strange case where the same js file is uploaded with the same permissions, but its works on one bucket and on the other one our users get object infected by HEUR:Trojan-PSW.Script.Generic . please check below two urls:

ht_tps:_/_/_d4n2lybtj245w.cloudfront._net/images/global/site/externalJavascript/en/all.js => Not working bucket:


htt_ps_:/_/d13wl35tt0f272.cloudfront._net/images/global/site/externalJavascript/en/all.js => Working bucket:



Would you please check and advice. Note: I have the latest KIS for Mac, Also I faced the same issue on Window machine.
icon

Best answer by Wesly.Zhang 24 July 2019, 15:06

Looking forward for your reply.

Hello, okq550





Could you "Purge Cache" the website cache by cloudfront? All the KIS detected event is point to the js cache. Any better after that? If not go, Please check the cached content of detected object is as the same as the one on the server.



regards.
View original

This topic has been closed for comments

11 replies

Userlevel 7
Badge +10
Hello Okq550,
Welcome!
May we have please:
  1. Mac operating system version information
  2. (All) Kaspersky software installed, full name?, version?, patch(x) x = letter?
  3. Windows operating system, version? build? release?
  4. (All) Kaspersky software installed, full name?, version?, patch(x) x = letter?
  5. On both Windows & Mac, go to KISA REPORTS, find the detections (that you've shown in the screen images), export the report (for the shortest period) for example, if the detections are available in the last 24 hr period and in 7, 14, 30 day periods, only export the 24 hrs report, save reports, .txt file, please upload both, chosing the "upload" icon in your reply please?
Thanks!
Hi FLOOD,

Please find below:

1) Mac, Mojave, 10.14.5
2) KIS, 19.0.0.294.b.c.d
Userlevel 7
Badge +10
Hello Okq550,
Thank you for the Mac report.
(just in case I misunderstood), there is no issue for the Windows devices?
Please let me know?
Thanks!
Hi FLOOD,

Unfortunately we faced the same case on Windows.
Userlevel 7
Badge +10
Hi FLOOD,

Unfortunately we faced the same case on Windows.

Hello Okq550,
May we please have the KIS REPORT for a Windows device please?
Can you replicate the issue so the data extracted is for a current date, 24 hr period please?
Please post back.
Thanks.
Userlevel 7
Badge +8
@okq550
Also and addition to above comments from FLOOD , please submit your problem with full details to Kaspersky Lab https://center.kaspersky.com , this Forum will not be able fix this kind of issue.
Userlevel 7
Badge +10
Thanks Berny, already done.
Hi FLOOD,

Please find attached.
Userlevel 7
Badge +10
Hello Okq550,
Thank you! I
'll post back soon.
Best regards.
Looking forward for your reply.
Userlevel 7
Badge +5
Looking forward for your reply.
Hello, okq550


Could you "Purge Cache" the website cache by cloudfront? All the KIS detected event is point to the js cache. Any better after that? If not go, Please check the cached content of detected object is as the same as the one on the server.

regards.