Posts posted by ElNoSabe322
-
On 11/14/2023 at 11:07 AM, harlan4096 said:
Still getting the heur detection?
Well, I uninstalled Edge so nothing is appearing. I haven't installed it back again. I think I might have to do a full system reset before installing it.
Also, I forgot to say this, but back then, whenever the browser was opened, a request would be made to an unknown code.yengo.com site. Upon checking it with VirusTotal, it seems to be an ad-ware site, thereby indicating that remnants were still present (possibly). (Note: this happened after resetting the browser and removing all extensions and 3rd party cookies.)
I haven't seen anything pop up about this or heuristic detections since Edge was uninstalled. I pasted the hash of the file and VT couldn't detect it (unfortunately). I think I will run like this without Edge for a while... maybe after I do a system reset (fresh OS installation) and re-install Edge probably this madness will end.
Here's the log of the detected object:
Component: File Anti-Virus
Result description: Detected
Type: Trojan
Name: HEUR:Trojan.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: ea88397a-f7fd-473c-8e26-900e49980bc2.tmp
MD5 of an object: 85382C4B24A2E5FE4D9FF43BBF6FA00F
Reason: Expert analysis
Databases release date: 28-Oct-23 8:00:00 AM
I hope KAV could look into this matter and update their DBs (if this is a genuine case) so that all the traces of the malware can be removed.
-
7 hours ago, Flood and Flood's wife said:
Hello @ElNoSabe322,
Thank you for posting back!
According to @Yury N.,
Reference topic: home free for linux, by safeAnonym:
qte:
"We working under a free Kaspersky Virus Removal Tool for Linux (KVRT for Linux). Expected in April - May 2024."
Endqte.
Thank you🙏
Flood🐳+🐋
@Flood and Flood's wife Thank you for sharing this. Looking forward to this. 🙏
-
6 hours ago, harlan4096 said:
Try this:
1.- Download https://www.malwarebytes.com/adwcleaner?lr
2.- Run a scan, and paste the results here in your next post.
1) Done. Thank you for the link.
2) I've attached the screenshots and I've also pasted the log below. I did not remove the preinstalled Acer files as these were from the OEM and I use some of their features.
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-13-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.3636)
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete IFEO
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [12271 octets] - [13/11/2023 19:25:05]
AdwCleaner[S00].txt - [4009 octets] - [13/11/2023 19:25:15]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
1 hour ago, harlan4096 said:
It is probably a false positive, or a browser extension...
False positive? Hmm... maybe? But considering that I did get attacked, my paranoia forces me to think otherwise 😖
Or yeah maybe some hidden browser extension that I couldn't see or remove.
-
8 hours ago, Crylune said:
Uninstalling Edge brought far-reaching repercussions for me when I tried it a year ago. It completely blocked cumulative updates, for some reason. I would just not use it instead of bothering to remove it. Microsoft made it an integral part of the operating system, and I don't really agree with that, but what can you do. Their OS, not mine...
True.... funny, now that you said it, I'm slowly starting to see that my OS is falling apart, beginning with the quick access history being erased upon system restart, Windows Spotlight failing to load, and of course the classic - longer boot times. 😭
My feelings exactly. The only reason why I'm holding on to Windows is cause of Office 365. Apart from that the whole OS is whack (sorry to Windows fans). On a side note, is Kaspersky available for Linux users?
-
On 10/28/2023 at 12:32 PM, harlan4096 said:
Do You have several users accounts in the system?
Try also running a reset of the Edge settings, delete all add-ons.
No it was just one account and that was me.
I did all these things. Still didn't help. In the end, I simply uninstalled Edge, I don't think there was any other solution for me. Well that seemed to have stopped these Trojans for now.
-
Even I'm facing the same issue. I've kept the same Edge settings as you, I have removed all extensions from Edge. I've run a quick scan and a full scan and nothing has been detected so far. (I did have a virus attack a while ago, but I think I've removed all traces of it with Kaspersky; the new scans show no traces of any virus.)
I've no idea what to do now. Even the temporary solution of blocking all cookies does not seem to work for me because every time I open Edge I get this same notification and the file is subsequently deleted but I'm confused about what to do.
I only use Edge on one PC so it is not synced anywhere else.
Edge version: 118.0.2088.76
OS: Windows 10, Version 22H2, OS Build 19045.3570
Kaspersky version: 21.14.5.462
Do you have any suggestions about the same? @harlan4096
Thanking you in advance.
Kaspersky File Anti Virus is Detecting HEUR Trojan Script Generic in MSEdge Spamming Me With Notifications
in Kaspersky: Basic, Standard, Plus, Premium
Wow... so it's not just me eh? 😅 But yeah you're right, something related to Edge was accessing it. But what it was, I still have no clue. I guess I'll leave this matter aside for now since I no longer have Edge installed.
Anyways, @harlan4096 thank you for all the help. Appreciate it heaps. (❤´艸`❤) Have a nice day mate and take care (wishing the same to everyone else in this forum).
PS: Thank you for the warning about the last link as well.