Jump to content
Sign in to follow this  
Dav123

How to get rid of "HEUR: Trojan-Downloader" on a mac

Recommended Posts

Hi all,

 

I've discovered i had a Trojan on my mac. Suddenly most of my gmail emails disappeared on my Mail application.

I went on the gmail website to see. the same was happening : my emails were disappearing. i changed my email password. It stopped. But most of my mail were erased.

I scan my mac and discovered this : HEUR: Trojan-Downloader.Script.Generic

Kaspersky said it erased it.

I've reconstructed my gmail mailbox on the mail app with its new password. Scanned my mac again.

And the Trojan re-appeared.

Does anyone has an idea of how i can defiantly get rid of it ?

Does anyone knows if this Trojan stay in my gmail account ?

please help me !

I am on a MacBook pro 15 inch mid 2012 / on OS 10.11.1

 

Share this post


Link to post

Please post the detection path from the reports with full path expanded please. HEUR is a behavior from an emulator, and was detected by behavior and not signatures.

Share this post


Link to post
Please post the detection path from the reports with full path expanded please. HEUR is a behavior from an emulator, and was detected by behavior and not signatures.

 

Hi,

Here's what Kaspersky finds exactly:

 

/Users/myname/Library/Mail/V3/F1731CDA-CD85-47FD-A4CB-304CA2877D2D/[Gmail].mbox/Tous les message.mbox/BF67DC4A-FCB9-4DFA-9FFA-870B8833D06C/Data/7/2/2/Attachments/227352/2/Shipment_Status_ID_0004771769.zip//Shipment_Status_ID_0

 

AFTER THS I Can't read anything but " ..." The path continues but i can't find a way to copy/paste it on the Kaspersky report....

 

 

Share this post


Link to post
Sign in to follow this  

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.