user34015
-
Posts
5 -
Joined
-
Last visited
Never
Posts posted by user34015
-
-
Thanks. I did that asap. I still want to find out whether the passwords.txt and others had been stolen already before I installed Kaspersky (if the damage had already been done).
If the scans aren’t showing anything, that must mean, I’m not being monitored or something, right?
-
I've downloaded and tried to install a third party setup.zip.
- Windows Defender detected Trojans continuously until I rebooted.
- I permanently deleted the downloaded setup.zip and the corresponding files created/modified in the C drive at the same time the Trojans were detected.
- I found two folders with long strings in capitals with the same modified/created time that included browsers' (edge and chrome) content (Autofill, CC, Cookies, Downloads, History, Wallets and passwords) in txt files.
- I moved the two folders and renamed them.
- Then installed Kaspersky Anti-virus and scanned. The results:
All these were pointing to one cache file named: f_002ce3
I deleted all files in the Cache folder and did a full scan. Didn’t find anything.
What does this mean? Was the browser data already been received by whoever made the setup.zip file or is it part of a long game? I realize I have no way of knowing but I’ve been worried sick for the past 2 days. What should I do next?
-
I did find a folder named clamav inside the leftover Immunet folder after uninstallation. I deleted the Immunet folder and I tried reinstalling Kaspersky av, but still detecting the same incompatible software.
-
Tried RevoUninstaller, still couldn’t find it. If needed, I could send the list of installed programs.
HEUR:Trojan-Dropper.Win32.Agent.gen
in Virus and Ransomware related questions
Posted
Ok. I’m a little relieved but I’ll still change the passwords one by one whenever I have time in case they’ve been stolen before I installed Kaspersky av.