Hi everyone, i’d like to start off by saying that i’ve been pirating for a while and have always stuck to sites that are reccommended on various megathreads and considered safe. Sorry for the long winded explaination.
So i was downloading a game from gamdie (which i have before with no issue) and one from steamrip (i don’t remember any issues there) and the gamdie file was almost immediately flagged by WD as trojan. i didn’t even make it in time to click anything that all these other trojans started popping up and WD closed on its own. i panicked and deleted the files and tried to run malwarebytes which i thought was installed already (but apparently not) and it turns out i can’t even install it, it says the app can’t run and to check different versions. I checked on taskmanager and it seems nothing immediately fishy was there, WD gave me back a list of the trojans it found and i deleted them, firefox has acted weird a couple times (duplicating tab instead of opening new one, or opening settings instead), and some of my login info is gone from my browser. i still can’t install malwarebytes, and i’m kinda not handling this well, so any help is appreciated.
i couldn’t read what all the trojans are and WD won’t tell me what they are now, but i remember having seen trojan wacaca (or somehing) and trojan malmar (or something like that). Thank you!
Edit: thank you to everyone that replied, between your advice and the sources I found here (linked below) I apparently found a cryptominer and it seems my system should be clean now. I’ll run some extra stuff to be sure and hopefully that will be that. Have a nice day!
https://www.reddit.com/r/antivirus/comments/jh3s0g/virus_deleted_or_not/
In the future, you might want to use a virtual machine when you’re unpacking new payloads.
At this point, use Windows defender to do a offline scan, so it reboots and scans the entire computer from a special operating environment.
If you’re not using Windows, mount the drive on a different computer and do a scan that way.
It’s likely the computer is not tainted, cuz your virus scanner caught it before you ran it. But if you’re very paranoid, or if the computer is very sensitive, it doesn’t hurt to reinstall everything from scratch. And then in the future use virtual machines
Thank you for your reply! I will try the offline scan, it’s a good idea! Yeah I’m definitely not gonna mess round on my native environment anymore, it’s not worth the hassle really
While it’s best to be safe, many of the cracks are flagged as false-positives by WD. Just because it is flagged as a Trojan, it doesn’t 100% mean it is.
Yeah I remember that happening a couple times as well, and thought it was probably nothing until I started to get some weird behaviors, it bothers me I couldn’t check all the Trojan and that apparently I can’t install malwarebytes and that WD isn’t doing an offline scan, it just reboots the pc immediately
In future, assume everything is a hostile payload until scanned.
Microsoft provides free VM images of various versions for developers to test with, use one of them, install whatever scanning tool you want, then install your suspicious payload.
Rinse repeat.
I will look into this, it’s really not worth taking the chance…it’s all well and good until it isn’t lol
hmm, I know you said that you couldn’t install malwarebytes, but did you try Kaspersky? A friend of mine told me it saved his computer once
Thank you, I’ll try this as well!
free & open source ☞
ClamWin is a Free Antivirus program for Microsoft Windows 10 / 8 / 7 / Vista / XP / Me / 2000 / 98 and Windows Server 2012, 2008 and 2003.
ClamWin Free Antivirus is used by more than 600,000 users worldwide on a daily basis. It comes with an easy installer and open source code. You may download and use it absolutely free of charge.
Thanks for the link! I haven’t heard of it before, what makes you recommend it?
While I’ve used ClamAV and knew they had a Windows app as well as other platforms I’ve never heard of the above website, and it smells funny to me.
https://www.clamav.net/downloads
ClamAV has been around for years, and I’d throw caution to the wind with the above Windows executable from ClamWin…
cc: @merde@sh.itjust.works
it’s listed on clamav “community projects” page: https://docs.clamav.net/manual/Installing/Community-projects.html
wikipedia: https://en.wikipedia.org/wiki/ClamWin_Free_Antivirus
their sourceforge: https://sourceforge.net/projects/clamwin/
Ah I see, that’s pretty cool. Suppose it’s just the look of their website that reminded me of a knock off site or something.
like ladfrombrad wrote, the project “has been around for years”
and most importantly it’s free and open source
any luck ?
if there’s a chance something nasty got loose on your system, i wouldn’t trust it anymore even if some antivitus succeeds in quaranteening something. if you didn’t have a primary password in your browser, all of the saved passwords may have been compromised. i would reinstall OS and change all the saved passwords.
I keep getting very conflicting info from my pc: some logins are gone but not all of them, the pc and firefox acted up with unpredictable minor glitches for the rest of the evening but then they cleared, so I just have no idea what to even begin thinking.
a few years back i was pirating some movie after a bottle of captain morgan. i remember not being able to play the movie and suddenly the file was gone so i downloaded it again, same thing. the next day i noticed the whole system running a little sluggish and some things just wouldn’t work. then i noticed that i had several notifications from windows defender, it had blocked the movie. checked the torrent again and it was a damn .exe… i ran malwarebytes and it found nothing. i didn’t bother reinstalling because it felt normal after a reboot, but it bothered me for the next two years until i hopped into team penquin. just do a clean reinstall, and you can forget about it.
Lmao gotcha, I get your drift 😊 thanks for the help!
Nothing shady imo
Can you expand on this? I’d like to hear both sides of the argument :)