Kaspersky
Solved

False Positive: https://youcloaked.com/ Prevented downloading of a dangerous object

  • 13 June 2021
  • 6 replies
  • 77 views

Userlevel 1

When I try to visit my website https;//youcloaked,com/ I get false positive. Can you guys please clean this up.

Prevented downloading of a dangerous object

Prevented downloading of a malicious file or other object designed to infect your computer with malware that will slow it down, break the system or lead to other problems.

You were protected from downloading this object by Kaspersky security. You can close this window with no risk.

 

Detected at: 6/13/2021 7:39:44 PM

Web address: https://youcloaked.com/

Reason: object is infected HEUR:Trojan.Script.Generic

icon

Best answer by harlan4096 13 June 2021, 19:19

I reported that URL to KOTIP and this is the final verdict from K. analyst:

 

Hello,

Thanks for the clarification.
Almost all .js files on this domain are infected.

Trojan-Downloader.JS.Agent.oms
HEUR:Trojan.Script.Generic

We are already detecting them.

Best regards,

View original

6 replies

Userlevel 7
Badge +8

@WaqassKhalid Please submit the url  and ask for reanalyze  https://opentip.kaspersky.com

Userlevel 1

The problem is that the  https://opentip.kaspersky.com gives the result as clean whereas whenever i open the website on my pc warning is shown. Though I have submitted the reanalyze. 

Userlevel 7
Badge +8

@WaqassKhalid Another option is to submit a ticket to Kaspersky Technical Support 

https://my.kaspersky.com/techsupport#/requests/new 

Userlevel 7
Badge +8

I reported that URL to KOTIP and this is the final verdict from K. analyst:

 

Hello,

Thanks for the clarification.
Almost all .js files on this domain are infected.

Trojan-Downloader.JS.Agent.oms
HEUR:Trojan.Script.Generic

We are already detecting them.

Best regards,

Userlevel 1

let me check it ..we have imunifyAV+ maybe its bypassing it.

Userlevel 1

The team at imunifyAV+ added the signatures for the malware and now we are good to go. I am also not getting any notification when visiting this website with my Kaspersky cloud security on. Just need to confirm if its not in your blacklist database. 

Reply