Chinese dotnet

n0tparaN0iA

I work in IT for 20 years and im a bit ashamed to say that for the first time this kind of thing happened to me, i was very distracted with something else.

Running a Win11 Pro - all updates installed.

Ok ill start with what happened -

Purchased a wifi cam through TEMU - Cam365.
It has option to store / upload recording to the cloud.
Now i found that quite usefull as i didnt have a spare SD card around.
To purchased i needed a CC - so i created an virtual 1 time CC.
Now the purcase button in the sofware openned a website and because I was so distracted i diddnt notice that another site opened on top over it. same style same font etc. and on this page i continued and entered my details - CUT Tool long / summary:

They tried to take out money of the card a few hours later. Luckily declined as it was 1 time CC.

Few days after i got a phone call form a dude claiming to be from a crypo exchange and that i had a dormant account on which i purchased some coines in 2016 whch were worht 50k plus.

So from that moment all bells went off - he said he was working for the exchange and that he had all the detail from my account. So i had him confirm what he exactly had on me, beholl it was the info from the Above mentioned CC inluding fake addres etc.

So decided to get my devices a little TLC as welll, Purchased copy of Bitdefender + VPN.

Ran some test on BitDef / and other products - all came back clean.

But i noticed something very werid in my list of applications - A chinese dotnet and according to the translation the characters point to a popular chinese download manager.

However i am unable to uninstall it - it doesn show in the list when i want to remove it.
I cant find entries in the program files folder or the registry about it.

Any input much appreciated - FYI as mentioned before - (deep) scans from both bitdef and

P.S. this is my first post, if posting in the wrong location my apologies.

Flexx

https://community.bitdefender.com/en/discussion/99874/chinese-dotnet

Kindly check if the following steps help.

1) Make use of Bitdefender Rescue Environment: https://www.bitdefender.com/consumer/support/answer/29132/

2) Remove Adware, pop-ups, and browser redirects from your Windows PC: https://www.bitdefender.com/consumer/support/answer/2574/

3 Open the Run command and execute the following commands one by one:

temp – delete all the files in the folder.

%temp% – delete all the files in the folder.

prefetch – delete all the files in the folder.

4) Reset the Windows host file to default. You can find instructions here: https://support.microsoft.com/en-us/topic/how-to-reset-the-hosts-file-back-to-the-default-c2a43f9d-e176-c6f3-e4ef-3500277a6dae

5) Run Disk Cleanup using this guide: https://support.microsoft.com/en-us/windows/disk-cleanup-in-windows-8a96ff42-5751-39ad-23d6-434b4d5b9a68

6) Download Revo Uninstaller Free: https://www.revouninstaller.com/products/revo-uninstaller-free/ and check if the Chinese software is showing up. If yes, then uninstall it; if not, proceed further.

7) Download O&O AppBuster: https://www.oo-software.com/en/ooappbuster and check if the Chinese software is showing up. If yes, then uninstall it; if not, proceed further.

8) Download Microsoft .NET Framework Cleanup Tool: https://www.majorgeeks.com/files/details/microsoft_net_framework_cleanup_tool.html

9) Download Microsoft .NET Framework Repair Tool: https://www.microsoft.com/en-in/download/details.aspx?id=30135

Let us know if the issue gets resolved.

Regards

Alexandru_BD

Hi,

That's a very interesting story, thanks for sharing @n0tparaN0iA. I had the app on my phone at some point, but never really ordered anything from them. Deals can be found, that's for sure, but at the same time it’s clear that shopping on the platform comes with its risks, given the mixed experiences of shoppers.
Here's an insightful article I found about this app:

https://ktvz.com/stacker-news/2024/04/19/is-it-safe-to-shop-on-temu-here-are-5-scams-to-avoid-on-the-popular-online-shopping-platform/

Good thing you had a virtual card, that was a very smart move! 👍️

I've been thinking for a while if we should create a category/sticky discussion where such stories can be told, to raise awareness and allow forum members to exchange experiences that can help boost their defenses. To hear more about spamming and phishing tactics out there, and foster knowledge about these practices.

So once again, thank you for sharing this with us and I'm glad to hear no damage was done.
Let us know if you managed to remove that app from your device.

Regards,

Alex

Flexx

Is it related to mobile devices or Windows devices, since the question was asked in the Windows forum?

You can also check the website stated below

https://malwaretips.com/blogs/temu2022/

https://malwaretips.com/blogs/temu-enter-code-scam/

Regards

Alexandru_BD

Yes @Flexx, the user did specify they are using Windows - Running a Win11 Pro - all updates installed. 🙂

Flexx

My bad. After reading your comments, I thought it was redirecting to an Android talk. Then I was like, how can it be? 😂