Veerain

@harlan4096 Thankyou so much for your efforts.... really appreciate it.

Luckily I found one fix... add your url to trusted addresses... it will then work fine....

@harlan4096 @Berny this is weird.... even kaspersky detects it as safe and somehow is messing up on my pc

@Berny@harlan4096 I have changed my app to kaspersky plus and it shows this... and it shows this ... Event: Malicious object detected User: MymachineName\MyUsername User type: Initiator Application name: msedge.exe Application path: C:\Program Files (x86)\Microsoft\Edge\Application Component: Safe Browsing Result description: Detected Type: Trojan Name: HEUR:Trojan.Script.Miner.gen Precision: Heuristic Analysis Threat level: High Object type: File Object name: _app-475fd0fc86c5f15d.js Object path: MD5 of an object: 3476BF88F39C831FB5C4A09BFA2A95D6 Reason: Expert analysis Databases release date: Yesterday, 27-3-24 7.35.00 PM I checked its stats on Virus total.. the url given.. and found this.. VirusTotal - URL here is the link ... you can check it for yourself... This is way too many false positives... its like a modern day child has asthma when he visits a farm and his body over reacts over a bee sting (over active immune system). Which is considered bad even in medicine... Please look into this.. if possible share the analysis with technical team.. I will be happy to help debug this.. being a developer my self... I will be happy to help them. (But I wont entertain non official fraudsters.. so your people need to verify themselves..)

ya this line is misspelt.. Here is the corrected one.. "Mostly It tags the codes I do on various coding platforms(when I solve them on my pc) as malicious and need to restart pc to disinfect.... "

Specs : Ya so today 2 times kts didn't let me code on geeksforgeeks. Here is the info Event: Download denied User: MyMachine\MyUsername User type: Active user Application name: msedge.exe Application path: C:\Program Files (x86)\Microsoft\Edge\Application Component: Web Anti-Virus Result description: Blocked Type: Trojan Name: HEUR:Trojan.Script.Miner.gen Precision: Heuristic Analysis Threat level: High Object type: File Object name: _app-475fd0fc86c5f15d.js Object path: https://www . geeksforgeeks . org/_next/static/chunks/pages MD5: 3476BF88F39C831FB5C4A09BFA2A95D6 Reason: Expert analysis Databases release date: Today, 27-3-24 9.33.00 AM Event: Malicious object detected User: MyMachine\MyUsername User type: Active user Application name: msedge.exe Application path: C:\Program Files (x86)\Microsoft\Edge\Application Component: Web Anti-Virus Result description: Detected Type: Trojan Name: HEUR:Trojan.Script.Miner.gen Precision: Heuristic Analysis Threat level: High Object type: File Object name: _app-475fd0fc86c5f15d.js Object path: https://www . geeksforgeeks . org/_next/static/chunks/pages MD5: 3476BF88F39C831FB5C4A09BFA2A95D6 Reason: Expert analysis Databases release date: Today, 27-3-24 9.33.00 AM + Mostly It tags the codes I do on various as malicious and need to restart pc to disinfect.... Not expected from a company like kaspersky... It mostly targets exe generated (practically harmless as I coded them) and is in general not a very nice experience... Any fixes?? BTW I tried out many things mentioned in the fourms... Mostly all of them focus on disabling the "Perform recommended actions automatically" thing and add it to exceptions and turn it back on... Even then this is repeating....

ya I got my ans...

@harlan4096 India, Also since I have to buy, and sale is going on can I buy key now and activate later?? (Since some days are still left) (also does the activation begin when you first buy it or it begins after activation?? and what is the maximum duration upto which you can keep without activation)

@harlan4096 Ya its disabled in my country

@harlan4096 Since my kts time period is about up, is there any plan where I can get unlimited VPN + AV?? I was about to renew

@Guilhermesene4096 Thankyou so much for the ans, Could you confirm if there is support for onedrive in the upgraded version??

Specs : My organization(clg) has given ma 1TB of free space on Onedrive and I don't want to use much of my pc's storage storing large files.... I didn't see an option for enabling link with onedrive while backing up.. Does anyone know how to do it( if its even possible to do so?)

At least tell me that I am safe or not !! if someone doesnt know what to do they can at least escalate this??

Also please let me know how to track the one who did this so that I can give them a thankyou kiss

Hello ! I am using kts on my windows 10 home I recently got the notification from kaspersky: (you can click on the image and open in new tab to see it more clearly) Here it says that my the attack was blocked but when I went to event viewer it showed me this: The details of the event are as follows Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 27-9-23 7.49.36 PM Event ID: 4624 Task Category: Logon Level: Information Keywords: Audit Success User: N/A Computer: Xenomorph Description: An account was successfully logged on. Subject: Security ID: SYSTEM Account Name: XENOMORPH$ Account Domain: WORKGROUP Logon ID: 0x3E7 Logon Information: Logon Type: 5 Restricted Admin Mode: - Virtual Account: No Elevated Token: Yes Impersonation Level: Impersonation New Logon: Security ID: SYSTEM Account Name: SYSTEM Account Domain: NT AUTHORITY Logon ID: 0x3E7 Linked Logon ID: 0x0 Network Account Name: - Network Account Domain: - Logon GUID: {00000000-0000-0000-0000-000000000000} Process Information: Process ID: 0x330 Process Name: C:\Windows\System32\services.exe Network Information: Workstation Name: - Source Network Address: - Source Port: - Detailed Authentication Information: Logon Process: Advapi Authentication Package: Negotiate Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon session is created. It is generated on the computer that was accessed. The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network). The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on. The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The impersonation level field indicates the extent to which a process in the logon session can impersonate. The authentication information fields provide detailed information about this specific logon request. - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" /> <EventID>4624</EventID> <Version>2</Version> <Level>0</Level> <Task>12544</Task> <Opcode>0</Opcode> <Keywords>0x8020000000000000</Keywords> <TimeCreated SystemTime="2023-09-27T14:19:36.4520444Z" /> <EventRecordID>2894337</EventRecordID> <Correlation ActivityID="{debc7482-e734-0000-2a75-bcde34e7d901}" /> <Execution ProcessID="740" ThreadID="23836" /> <Channel>Security</Channel> <Computer>Xenomorph</Computer> <Security /> </System> <EventData> <Data Name="SubjectUserSid">S-1-5-18</Data> <Data Name="SubjectUserName">XENOMORPH$</Data> <Data Name="SubjectDomainName">WORKGROUP</Data> <Data Name="SubjectLogonId">0x3e7</Data> <Data Name="TargetUserSid">S-1-5-18</Data> <Data Name="TargetUserName">SYSTEM</Data> <Data Name="TargetDomainName">NT AUTHORITY</Data> <Data Name="TargetLogonId">0x3e7</Data> <Data Name="LogonType">5</Data> <Data Name="LogonProcessName">Advapi </Data> <Data Name="AuthenticationPackageName">Negotiate</Data> <Data Name="WorkstationName">-</Data> <Data Name="LogonGuid">{00000000-0000-0000-0000-000000000000}</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0x330</Data> <Data Name="ProcessName">C:\Windows\System32\services.exe</Data> <Data Name="IpAddress">-</Data> <Data Name="IpPort">-</Data> <Data Name="ImpersonationLevel">%%1833</Data> <Data Name="RestrictedAdminMode">-</Data> <Data Name="TargetOutboundUserName">-</Data> <Data Name="TargetOutboundDomainName">-</Data> <Data Name="VirtualAccount">%%1843</Data> <Data Name="TargetLinkedLogonId">0x0</Data> <Data Name="ElevatedToken">%%1842</Data> </EventData> </Event> Ya so is it of any concern to me?? Actually I am in a technology institute so some dudes like to become hackers here so... is there anything that i can do to protect myself :)