Jump to content
 

Kaspersky thinks 'prototype.js' is a trojan

47137

By 47137,
in Forum Rules, Notices, Faults & Help

 Share

Recommended Posts

  • RMweb Premium
47137

47137

Posted
  • RMweb Premium
Posted

Throughout much of today, Kaspersky anti-virus has been telling me each page on the RMWeb is malicious, and is blocking the javascript. None of the drop-down menus work, and I can't edit a blog post or even post a screen capture, but in essence the message is this:

Object name HEUR:Trojan.Script.Generic

Object

http://www.rmweb.co.uk/community/public/js/3rd_party/prototype.js

Application

Opera Internet Browser

Object Type

Trojan program

 

I've tried another browser (Edge) with the same result. Bearing in mind no-one else has reported anything along these lines, please what might I do (short of disabling the a/v) to get useful access to the site? Other web sites seem to work fine.

 

- Richard.

Link to post
Share on other sites
  • RMweb Gold
martin_wynne

martin_wynne

Posted
  • RMweb Gold
Posted

Hi Richard,

 

HEUR means "heuristic" which is a fancy name for a guess. In other words Kaspersky hasn't actually found a trojan, it just thinks something looks a bit odd. There should be a way to tell it that it's wrong, and this file is ok. Assuming it is, of course.

 

cheers,

 

Martin.

Link to post
Share on other sites
wombatofludham

wombatofludham

Posted
Posted

I'm having the same on Micro$haft Edge and it's removed a lot of the functions as well, although I can read fine. As I'm going to digitally detox for the next few days as I visit relatives it's not a massive thing but I assume it'll get fixed somehow.

 

Also using the Russian Mafia internet security, and it seemed to start after the most recent Kaspersky update.

Link to post
Share on other sites
sb67

sb67

Posted
Posted (edited)

Went to log on this morning and RMweb has been behaving differently, instead of a small log on box appearing in the middle of the screen and it remembering my password a whole new page opened up and each time I have to type my password in. Also when I click on the my profile drop down box in the top right of the page that does not appear and if I click on it, it takes me to my member profile. Not sure what could have happened, coincidence or linked to the above?

Wanted to add I was on the site around 6am and I tried logging on at 7ish and I noticed the problems.

Steve.

Edited by sb67
Link to post
Share on other sites
  • RMweb Premium
47137

47137

Posted
  • Author
  • RMweb Premium
Posted

Hi Richard,

 

HEUR means "heuristic" which is a fancy name for a guess. In other words Kaspersky hasn't actually found a trojan, it just thinks something looks a bit odd. There should be a way to tell it that it's wrong, and this file is ok. Assuming it is, of course.

 

cheers,

 

Martin.

 

Martin - many thanks for this. In Kasperky's own words,

A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).

 

Down in the depths of its UI, Kaspersky has a check box to let you turn off heuristic analysis, but this is a global setting for the program. It seems, you can tell Kaspersky about an individual application software, but not a trusted web site.

 

The trouble is of course, for me I would be very reluctant to turn the heuristics off, because the possibility of a hack on the RMWeb is finite. I've got no idea whether the antivirus software has made a correct judgement, but I suspect it knows more about making guesses than me.

 

Andy - whatever has changed, the features of the site I usually use all seem to be working fine now. Many thanks.

 

- Richard.

Link to post
Share on other sites
  • RMweb Gold
55020

55020

Posted
  • RMweb Gold
Posted

As already reported elsewhere by me, Windows10, Chrome says rmweb is not secure. Maybe one of your certificates is out of date?

 

It is shown as "Not secure" because RMWeb isn't an https website i.e. data sent to/from the website isn't encrypted.  All perfectly fine and normal  :sungum:

Link to post
Share on other sites
royaloak

royaloak

Posted
Posted

It is shown as "Not secure" because RMWeb isn't an https website i.e. data sent to/from the website isn't encrypted.  All perfectly fine and normal  :sungum:

Damn right its not secure, this website has done a fine job of emptying my wallet, especially that bloomin bargain hunters thread!  :jester:

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...