Zim1
-
Posts
8 -
Joined
-
Last visited
-
Hi Kevin, Is there any way to know the extent of what was done? Were they able to retrieve files off of my computer? I have several spreadsheets with financial and password information. Is there any way to know if those were compromised? Or, was the virus more targeted at Chrome's caches? Even though the trojan looks like it is gone, I am trying to assess what exactly what was done.
-
SophosVirusRemovalTool.log SophosVirusRemovalTool_cloud4.log
-
Thanks Kevin, Sophos scan was totally clean. I'm trying to assess the damage of this. Someone did try to log into some of my accounts and did try to use some of my credit cards. They were not successful. I have been cancelling credit cards and changing passwords. If I had to guess, somehow they got access to the stored passwords and credit card info that Chrome caches? That's my only guess because that's the only place on my computer where that info exists. Do you think I need to do a full re-format of my hard drive?
-
Here's fixlog.txt. I will run Sophos overnight. Fixlog.txt
-
Attached are the 2 Malwarebytes scans. The first one that found the problem and the second one that I just ran with Scan For Rootkits set. Scan1.txt Scan2.txt
-
I ran Malwarebytes and found the 41 files that are attached above. I changed the settings to what you describe and it is running again. I ran AdwCleaner and it found 3 things: PUP.Optional.AnonymizerGadget C:\Users\jznet\AppData\Roaming\AGData PUP.Optional.Legacy C:\Program Files (x86)\AnonymizerGadget PUP.Optional.Legacy C:\Users\jznet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
-
Here's the files from FRST. Addition_25-01-2019 16.16.35.txt FRST_25-01-2019 16.16.35.txt Shortcut_25-01-2019 16.16.35.txt
-
It appears that I have a Trojan of some sort. I noticed some suspicious activity on my credit cards so I ran a MBM scan. It found the following 41 files which I quarantined. I deleted all my saved credit cards and passwords from Google Chrome but is there more that I should be doing? I hate to have to re-format my drive but I will, if required. Is it possible to tell what was stolen?
