ElNoSabe322

Wow... so its not just me eh? 😅 But yeah you're right, something related to Edge was accessing it. But what it was, I still have no clue. I guess I'll leave this matter aside for now since I no longer have Edge installed. Anyways, @harlan4096thank you for all the help. Appreciate it heaps. (❤´艸｀❤) Have a nice day mate and take care (wishing the same to everyone else in this forum). PS: Thank you for the warning about the last link as well.

Well, I uninstalled Edge so nothing is appearing. I haven't installed it back again. I think I might have to do a full system reset before installing it. Also, I forgot to say this but back then whenever, the browser was opened, a request would be made to an unknown code.yengo.com site. Upon checking it with virus total, it seems to be an ad-ware site thereby indicating that remnants were still present (possibly). (Note: this happened after resetting the browser and removing all extensions and 3rd party cookies.) I haven't seen anything pop up about this or heuristic detections since Edge was uninstalled. I pasted the hash of the file and VT couldn't detect it (unfortunately). I think I will run like this without Edge for a while... maybe after I do a system reset (fresh OS installation) and re-install Edge probably this madness will end. Here's the log of the detected object: Component: File Anti-Virus Result description: Detected Type: Trojan Name: HEUR:Trojan.Script.Generic Precision: Heuristic Analysis Threat level: High Object type: File Object name: ea88397a-f7fd-473c-8e26-900e49980bc2.tmp MD5 of an object: 85382C4B24A2E5FE4D9FF43BBF6FA00F Reason: Expert analysis Databases release date: 28-Oct-23 8:00:00 AM I hope KAV could look into this matter and update their DBs (if this is a genuine case) so that all the traces of the malware can be removed.

@Flood and Flood's wifeThank you for sharing this. Looking forward to this. 🙏

1) Done. Thank you for the link. 2) I've attached the screenshots and I've also pasted the log below. I did not remove the preinstalled Acer files as these were from the OEM and I use some of their features. # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2023-07-19.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 11-13-2023 # Duration: 00:00:00 # OS: Windows 10 (Build 19045.3636) # Cleaned: 3 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete IFEO [+] Delete Prefetch [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner_Debug.log - [12271 octets] - [13/11/2023 19:25:05] AdwCleaner[S00].txt - [4009 octets] - [13/11/2023 19:25:15] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

False positive? Hmm... maybe? But considering that I did attacked, my paranoia forces me to think otherwise 😖 Or yeah maybe some hidden browser extension that I couldn't see or remove.

True.... funny now that you said I'm slowly starting to see that my OS is falling apart beginning with the quick access history being erased upon system restart, windows spotlight failing to load, and of course the classic - longer boot times. 😭 My feelings exactly. The only reason why I'm holding on to Windows is cause of Office 365. Apart from that the whole OS is whack (sorry to Windows fans). On a side note, is Kaspersky available for Linux users?

No it was just one account and that was me. I did all these things. Still didn't help. In the end, I simply uninstalled Edge, I don't think there was any other solution for me. Well that seemed to have stopped these Trojans for now.

Even I'm facing the same issue. I've kept the same Edge settings as you, I have removed all extensions from Edge. I've run a quick scan and a full scan and nothing has been detected so far. (I did have a virus attack a while ago, but I think I've removed all traces of it with Kaspersky; the new scans show no traces of any virus. I've no idea what to do now. Even the temporary solution of blocking all cookies does not seem to work for me because every time I open Edge I get this same notification and the file is subsequently deleted but I'm confused about what to do. I only use Edge on one PC so it is not sycned anywhere else. Edge version: 118.0.2088.76 OS: Windows 10, Version 22H2, OS Build 19045.3570 Kaspersky version: 21.14.5.462 Do you have any suggestions about the same?@harlan4096 Thanking you in advance.