286 Replies
@PurpleArch
@Orientate I forgot the steps to treating a virus
Do you have your info backed up
its okay
Let alone how did you attain it
i have no idea how i even got this trojan
i was confused when i got it and it has me kinda worried
Hmm I have an idea
Do you have your data backed up?
i thought maybe it was because i backup my dvds and cds but i deleted all those files and i dont believe it was my cds backing up because they're all mp3 files
no
im unsure what that is
Hmm okay
yeah im sorry im a little stressed out
So are you sure the Trojan is still there?
Yeah I get you
i have no idea but last time windows defender said it was quarantined but then it said another threat was blocked at 9:33 pm in the screen shot
it gives me an option to click on it and im wondering if i can remove it right away?
i pressed remove on it before and then it moved it to quarantine
Okay then this is definitely manipulated
So it’s in a constant session of removing/quarantining a virus
Got it
okay sorry im not too sure what to do about it
It doesn’t make sense how windows defender would even catch it considering it’s snake oil to hackers nowadays
so it must be really old
maybe
some of my cds are from 2002
but i still dont think it was my cds or dvds
just download all your data and save it onto a usb or smth
Flush everything from your windows
Boot it back and you're chilling ig
yeah i think thats a good idea
This is known as the process of backing up there’s other methods but this is what I know
all my games are saved on steam
the problem is that its my brothers laptop
im unsure if i remove my user it will fix the problem
Save his data too
i actually know his password for his user so its worth a shot
considering a Trojan is typically a type of rootkit you're gonna have to save his data too
Check if the virus is being quarantined within his use
so should i just factory reset the pc?
okay i will check that too
Not yet
Back up the data obviously
yeah
im just concerned as to what caused the trojan what if its another app i downloaded or something?
What WiFi router do you use
Company wise
If it’s really old it’s probably an attack through there
xfinity
its not that old
it recieves updates

this is the one i use
this isnt a photo of mine just the same model i found on the internet
Okay def not through there then
yeah i assumed so
its pretty modern
What have you downloaded recently like when did you notice this virus ?
i downloaded a recreation of the backup for a webcomic called homestuck i think i gave it some permissions but i dont think its that
Bambosh
YouTube
UNOFFICIAL HOMESTUCK COLLECTION 2.0
Download it here:
https://bambosh.github.io/unofficial-homestuck-collection/
Video by Hadron
https://hadronus.com
Jungle Boogie by Michael Guy Bowman
https://twitter.com/mguybowman
it doesnt seem sketchy at all
i know a lot of people who use it
Where did you download it off is the better question
since flash ended users made this because the flash videos dont run
it was a zip file and through github i believe it was really confusing at first it had a guide to download it and if you did it incorrectly it wouldnt work
i can send the link
If windows contained it then ur good
Bro you realize zip files can have malicious content
MS Paint Fan Adventures
Unofficial Homestuck Collection Installation Guide
a simple unofficial guide on how to install the unofficial homestuck collection.
Not how it works
Just delete the file it contained
He tried that
HTTPS alright
im unsure which file it was
yeah
it doesnt seem like its the webcomic collection
Is this all you have downloaded off the web?
yeah i was thinking i should do that
some other games off itch.io like friday night funkin
like stuff off itch.io
Did he run it? Then its a different story
fnf? yeah i ran fnf
i didnt run the trojan tho
💀 nvm then
Bro cooked
fnf is just a game
Kidding, ur fine as long as those files are deleted, if ur really annoyed then u can reset ur pc
Also reset ur passwords
Since it ran
yeah nothings annoying me imm just unsure how to delete them since its been contained
whenever i click on them while its in quarantine, windows asks me if i will allow windows to make a change and im kinda scared it might spread the trojan
Okay you're good then
all my passwords are encrypted
If you didn’t run the Trojan delete it
🤦♂️
So you did run the Trojan
no i didnt

its still contained
Then how are all your passwords encrypted
i just dont know how to delete them
i use a password encrypter
i just use proton pass lol
Ohhh thought it was the Trojan that did
Nvm
Proton
Proton Pass: Free password manager with identity protection | Proton
Store, share and sync passwords, passkeys, email aliases, and more, on any device, with our open-source, free password manager. No trials, just free forever.
see
Delete the file that windows defenders contained
okay do i just click on it?
like through windows defender of course
Yeah
okay i trust you
whenever i press on it it asks me if i will allow windows defender to do something
should i hit yes?
I think she meant its encrypted by him lol
its actually called windows security sorry
yes i encrypted my passwords lol
also im a girl btw
Yeah
Bro what
is it that surprising lol
I would still reset ur passwords just in case
No, just super random :Bruh:
i will after i address the problem
Oh
Mb
I see why now mb

it wont give me the option to remove it
i removed it on the regular screen but i can now see the name of the file
what do i do about this?
im so confused
are you guys still there??
@Cyber ONI um sorry im a little lost
@PurpleArch im really sorry for the ping im unsure what to do i just havent heard anything back yet
All good, I'm not as familiar with Windows (I use Linux 🤓 )
but click on Actions
and you should see the button to remove it
it only gives me the option to allow it
i pressed removed it earlier and it moved it to my protection history
Oh
then ur all good
thats it
so i should be fine?
history just....leaves it there in case u wanna it back haha
yes
but I would still change all of ur important passwords
oh thank you so much im sorry i was kinda anxious
the only think valuable is my bank stuff and i dont even have a dollar in my account anyways
thing*
but ill change it just in case
Windows Defender is known to be not all that accurate, it might've not detected anything else within that folder, sometimes files have more than just a trojan. They can be paired up with keyloggers, viruses, worms, etc
No I get it, I would be too
oh 💀
if ur really paranoid, reset ur PC
and stop downloading random stuff 😅
okay. so will windows defender delete it after 30 days when i looked that up online it said it would
Upload it on "VirusTotal" if ur not sure what it is
okay
ty again
so should i run all the stuff i have on my desktop to see if its compromised?
Yes, just in case among those 30 days "u wanna it back" or such, idk, kinda of a goofy feature
yeah. idk why would anyone want it back..
Wym?
i was using avg and then i got rid of it and then i got alerts from window defender
Ur stuff should work just fine
gotcha
sorry im unsure how trojans work..
yeah never run two AVs at once, never works well
yeah i heard avg wasnt better than the windows security so i removed it
Trojans disguise themselves as actual software....when they're not, as long as you didn't run it, ur fine
yeah
Ur totally fine, assuming you didn't click anything in that folder
nothing works...until u click it
and/or give it admin privileges
okay ty
i feel a lot better now thank you for your help.
No worries, I'm glad! Just don't be silly and download stuff that aren't verified/pirated and you'll be fine 99% of the time
yeah you're right
im never backing up my cds again lol
im unsure if that caused it but its a lot of work to backup them anyways
i just tried doing that in case my house got on fire and i lost all my cds and i wouldnt want to lose the media on them
sorry im yapping..
but ty cya
Windows defender is accurate, just not on scanning entire directories
Threats blocked - has been removed automatically
Quarantine - you can either allow or remove the file
You’re fine as long as you had windows defender enabled
Windows defender is more than enough
Just ensure you know the source of the thing you are installing is safe
VirusTotal
Use this website if you suspect malware when downloading a software/file
💀 you don’t want a virus
Why would it be an attack throughs router.
This isn’t 1960s anymore
You're making it seem like they infected his router
Virus total is google based unless they already have a signature virus total is completely useless
Eh a Trojan could contain a keylogger in the malicious payload
Windows defender is a good front end for security but I wouldn’t recommend that be your only one it’s ass compared to other modern ones
If you're unsure if it’s removed or not I’d recommend something like malware bytes since their free and paid version is a better alternative if you don’t feel like going another extreme route
We are talking about major websites of course when installing software
The popular websites would be detected real fast due to the amount of uploads made
True but unless it was previously uploaded there's still a slight chance there wouldn’t be any records or signatures
Let alone if it’s actually true
At the end of the day paid software isn’t flagged
Thank you
True
Thank you guys I really appreciate the help
I'm ngl.. after getting a Trojan I wanted to take a break from my laptop lol
And it's 800 dollars and it's my brother's laptop (oof)
I'm still confused as to how I even got the trojan..
But yeah I really appreciate you guys helping me
A trojan won't explode your pc lol
it will just access everything you have
If you ever are in that situation you should do a reinstallation
Like restart my PC completely?
Lol, it's not like I have anything valuable anyways I literally have less than a dollar in my bank account lol
Reinstallation means wiping everything in your PC as there's a trojan in your pc
Passwords
every password you have would be stolen
I encrypted them but I'm unsure if it was good enough
I'm unsure if it even was me who caused the Trojan? Maybe it was my brother but I highly doubt it..
He also has a user on the PC.
Wdym encrypted
Encrypted how
I just used proton pass lol
Thats
lmao
a trojan can still access them
Probably not good enough lol
I'd assume so
Should I just wipe my user and see if that works?
I don't want to wipe my brothers user
Even if I can back it up
you havent been hacked lmao
theres no trojan
I was just saying
Oh okay
I wouldn’t use proton pass
Why?
Anything proton in general is usually shit
what are you a linux user 😂
joking
I had avg and everything was okay then I heard it was bad. And then I got notified I had a Trojan and windows security blocked it. And then I removed it and it went to quarantine and it should be removed within 30 days
but no proton is great
What about proton is great?
What's wrong with proton
My lack of knowledge in computer science shows.. how did I even get a trojan.. bruh
Let’s see if you're using it for anonymity it doesn’t have that
Proton mail lacks what it really needs
anonymity..
you realise gmail can access your emails too
any email service isnt "anonymous"
Don’t have a gmail
its just trusting the service
In my 19 years of life, I have had and used many pcs and this is the first time I ever got a trojan..
😭
Not necessarily true
There are some free options that do keep the users privacy in mind
Proton isn’t one of them
What email service do you use
thunderbird?
My own
If you really wanna prioritize your privacy you're better doing it yourself
It seems complicated since I know nothing about computer science
I wouldn’t recommend using proton VPN either because they still keep basic user logs and locations
Eh computer science isn’t that hard to grasp usually unless you're learning machine binaries and trying to grasp assembly language
It’s just a learning curve I wouldn’t necessarily call anything hard
Oh okay
There’s plenty of resources and people to help anyone get started in computers
All it takes is a little effort from yourself to learn
Um I'm sorry I'm still a little anxious about the trojan.. I don't understand how I got it.. and I'm worried if it will affect me
Even after I quarantined it
Could’ve been a specific file
Usually Microsoft likes to class certain files as Trojans
I find computer science interesting I'm just worried if I slip up or something and I mess up my device lol
What would cause you to mess your device up?
No idea.. I'm so ignorant to computer science I have no idea how it works
I doubt you’d break windows Microsoft has already done a good job at that
Between the start menu lagging and crashing because it’s coded in AI
Or simply removing a file causes a blue screen
If you really wanted to test yourself you could always download Debian or Ubuntu
Scaryyyy lol. I hate the blue screen of death it has caught me off guard like 3 times
I could maybe start learning about it
Yeah it’s been getting more common in 24h2
They still have yet to resolve any of the recent bugs Microsoft’s main goal atm is their AI category
Yeah..
Blue screens kinda scary lol
Not really unless you had recovery key enabled
At that point you might as well boot a Linux distro
Yeah. I just hate when they get me off guard
So I shouldn't worry about the trojan?
If you're worried about it that much you could run Malware bytes to check your file system
Any recent files or zips you’ve downloaded as of the pop up?
I downloaded it the other day and it said it has some files that could be suspicious but nothing was flagged
No
Like I said it could’ve been a false positive usually it flags unsigned apps
Files that could be suspicious?
That's what I'm saying.. before in the past it said I have a trojan and then it just vanished? Idk..
Nothing suspicious
Most likely a false positive then
If you really wanna know if there’s any traces then you can run malware bytes
The only thing I can think of is when I downloaded lost media songs from a band and I don't believe it was a vip file.
*zip
Nothing I downloaded seemed suspicious
If it was a specific file that already had a signature related usually Microsoft defender is good about removing stuff like that
Okay
I’d watch everything you download in today's age
Especially on windows
Yeah
Do you think maybe my DVD or CDS could have caused the trojan?
Who knows maybe this is your sign to get accustomed to Linux
I don’t believe so the chances of that are highly unlikely
Yeah
I was backing up the data on my cds and dvds
Though there is a slight possibility
Just incase my house got destroyed or something it would suck to lose all that data
Though it’s not 100%
I have really old dvds from 2002 and 2005
I bought 1 second hand and I don't think it's malicious
Usually malware on it could only be from someone that changed the media themselves
So you should be fine in that case
Yeah I'd assume so
Do you think maybe it's from my brother's user on the PC?
It also could’ve been a website that triggered Microsoft defender as well
Yeah but I don't think so. I mostly use YouTube or Netflix
Nothing suspicious basic web stuff
So I should be fine with the trojan right?
If another pop up comes up I’d assume it’s something you're browsing
I wouldn’t say it was your brother because technically speaking making a new user separates those files from each other
Alright I'll keep that in mind
Yeah I thought so
Would it be a good idea to delete my user? And start fresh?
If you're that paranoid usually clean booting fixes things for certain Trojans
Are you signed into a Microsoft account?
Yes
Technically speaking your user directory and files will still be saved to your drive still
What people fail to realize is deleting or clean booting a drive doesn’t necessarily get rid of everything on the drive
It removes the index leaving the user directory and files still being able to be recovered
Yeah. So I shouldn't bother with that idea
Nope
I'm probably just overthinking it. I should be fine
My advice is run a scan from malware bytes if it comes back clean when you do a custom scan over your c drive you're fine if you wanna get rid of the section from Microsoft defender history you can boot into safe mode and do it
Okay
I wouldn’t suggest using Microsoft edge for browsing though
I use brave browser
Eh I guess that’s fine
I don’t really mess with chromium based browsers
Yeah I just prefer to use it for the ad block
Ublock origin is standard on majority of Firefox forks
I have no idea what ublock sorry I'm kinda slow on all of this
It’s a well known ad blocker
Cool
Brave somewhat has it implemented into their api
Chromium based browsers are scary
How?
“Chromium”
Lol
I get it
Known for data leaking and collection
I've accepted the fact that all my data is being sold and my location compromised I just can't escape it
There’s always a way
It’s not about getting rid of it it’s about preventing it from happening again
Yeah
The first step to being secure is getting off windows
I've just accepted it. It's just expected in 2025. It seems like a lot of work to try to get it to not happen
Not really one bootable flash drive you’ve basically avoided tracking and telemetry
Yeah, it seems interesting but I feel like I have nothing to even hide.. it doesn't serve a huge purpose for me.
I'm basically a nobody lol
But yeah sorry I'm yapping..
Eh being able to browse the web without having to worry about Microsoft recall or copilot taking pictures of my screen would be enough if I was you
That sounds like a huge violation of privacy. I think to some degree it's just been normalized
Not necessarily majority of people are waiting for the end of windows 10 to switch
I’ve helped multiple people move from windows
Whether it be running someone that wants to learn arch there installing arch
Debian Ubuntu or even Linux mint
Most people move for the performance boost on lower end systems
It sounds very complicated but it's probably due to my lack of understanding
What is linux..? I hear about it often
Okay sorry I'm asking way too many questions
Sorry if I'm making you talk too much
Think of it like a no tracking oasis unless you're using gnome of course
I see.
I really appreciate your help and informing me I feel a lot better about my situation
I'll make sure to run malware bytes again but I'm sure everything is fine
I'm gonna take a nap cuz I'm sleepy
Make sure you run a custom scan and not a quick scan
Ty for your help again
No problem
Yeah, I took a screen shot to remember if that's okay with u

That’s fine it is a open platform
Ty
Cya I'm going to sleep (lol)
Cya
I think I know a couple people who would argue this
How
The type of thing we were talking about isn’t going to his router 😭
You skiddies are funny
It’s a Trojan 😐
It’s not going to his router 😭
Do we lack brain cells
Okay let’s explain this 🤦♂️
You know what an MITM is?
U success rate of a Trojan exploiting your router and gaining access is highly unlikely
Or at least spoofing techniques
You're acting like majority of Trojans aren’t info stealers and key loggers
That’s not how it works dawg I’m not saying the damn Trojan is through the router 😭
NO FUCKING SHIT CAUSE ITS RANSOMWARE
We’re talking about Trojans though dimwit
WHERE DID INFO STEALERS/KEYLOGGERS COME INTO PLAY
You do realize a Trojan can be both right?
Depending on the type of payload 😭
I’m saying an MITM attack is possible which could’ve allowed him to download this malware
Holy shit you watch too much YouTube
Stop watching network chuck and w33t
They're skids 😭
No shit but the one he got was contained by windows AV 🤦♂️
Meaning it’s hella old
It was clearly a false positive
😭
We’ve already established that
Windows AV flags shit all the time if it isn’t signed or paid for
You do realize you can pay windows to not flag your shit right?
Windows AV is known for flagging shit on the web
Windows AV is snake oil so it makes sense
It’s shit
It flags everything
It was quarantined so depending on whether it’s malware or not is the real question
Windows AV still flags OOShutup occasionally it’s a shit
As I advised him to do he’s already ran other virus scanners and nothing came back
It was most likely something on the web
He does use Microsoft edge
That only flags every fucking download known to man
Could be something as simple as downloading Spotify and Microsoft edge flags it as dangerous
Then that’s just on his shit operating system then
Windows is shit in general
Not sure what you expected from a company that uses purely AI for there security measures and start menu
No wonder so he can just run the game if it’s really that deep I could prolly try to reverse engineer the download
I use Mac/Kali so I dunno much abt windows OS
I used windows vista and windows 10/11 for a bit
Only to learn the key components of it for other shit I was doing
That’s about it
Other than that it’s not a need OS
It’s shit
Been using Linux for 8 years now no regrets
Alr welp cya around ig we can close this now
Yup
i ran a custom scan and it said everythings okay

I don’t think so 36s 😭
i did
do u want me to do it again..?
Did you click the 3 dots?
i dont really have that much stuff on my pc..
um thats kinda vague what 3 dots?
Go back to your dashboard and select the 3 dots by virus scanner
ok
Then once you're in pick custom scan
yeah i did
Then select your c drive root kits if you want to and begin it
Oh well if you did you should be fine then
okay
36s just seems fast 😭
Usually the windows file system is bigger than that
this keeps popping up what do i put here..?

oh nvm
it just wanted me to check off that small check box
its running rn
Yeah that’s your c drive
okay lol sorry im dumb
You're good
If that comes back and there’s nothing I wouldn’t worry about the pop up
Worst case scenario switch browsers
okay
the scan is taking longer so i think u were right about the 30 seconds thingy
Yeah this does a full file system scan
It goes through your entire computer
alright ill tell you if it finds anything bad once its done
If it does removal is easy with this
It will take some time though so I’d get comfortable
im fine with that lol im listening to music rn anyways
ty again
Np
everythings okay

Good
Then you should be fine
alright ty
sorry im saying ty too much..
You're good
generally speaking if windows defender says it contained it, it probably contained it
windows defender is a lot better than people give it credit for, it can be slow to act sometimes but thats only because other apps pay to get virus fingerprints faster
Ty for telling me
so if you're not seeing any more symptoms of virus after like a week after you do a full windows defender scan you're realistically fine
and if you're not fine, you're either dealing with someone who has far too much free time in which case you can probably report them to the police or the FBI, or you are an enterprise or government actor in which case you should speak to your CISO
Windows defender is a beast in preventing malware, but I recommend malware bytes for scans instead since windows isn’t really that good for scans
Okay lol. I'm nobody important so I'm assuming it's something less serious
I was downloading wallpapers off websites and I believe it said a jpeg was one of the affected files
But yeah
Just to be safe I stopped going on websites and downloading wallpapers
nah they're both fine
I found more valid scans from malwarebytes from disguised malware

if that's worked for you great! though for me ive never run into anything that couldn't be solved with just appwiz.cpl lol
Lol
Fair enough
Defender is enough
Hi everyone, I wanna ask you about websites, or yt channels to learn cyber security, or if you have another suggestion, let me know🙏
#💬︱general not here