Jump to content

A very good virus?

MaxtheHusk
 Share
Posted

Hello guys! So the other there, one of my friends wanted to get some scripts on a Roblox game (neither did I or he know that, the respective game did not have scripts for a while) and since I used some scripts in the past, I advised him to proceed with caution. So he downloaded a injector with some scripts, but in the installation setup he had to allow all oh those crappy bloatware and spam, however I told him to just skip those, but he did not. After he did all that, a bunch of windows CMD'S and also a lot of google tabs. Then hes PC crashed, and he got security alerts from all of his Google Accs., and right after that, his Steam Acc. and Discord Acc. started sending those weirds mesaages to all his friends, to click on a link for something free and stuff, after that he reinstalled windows and created new passwords. It all went great, until yesterday when all of this stuff happened again. So what is to do? Im guessing that the virus had some kind of deep roots that it restared again, since he didnt do shady stuff after the reinstall. Can you guys help me and him with this? Also, I am sorry if i picked the wrong topic.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

probably forgot to force sign out, change emails, and reset to a true different password.  There is options I think in Discord, Steam and Google that force you to sign out of all machines, and make sure that the google account doesn't have anything that forwards his emails to another account which could be possible. Enable 2FA for google, and steam and discord.

He might also wanna try malwarebytes to see if he manged to install a rootkit which is possible. Malwarebytes should take care of it.

NEVER GIVE UP. NEVER STOP LEARNING. DONT LET THE PAST HURT YOU. YOU CAN DOOOOO IT

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
9 minutes ago, MaxtheHusk said:

Hello guys! So the other there, one of my friends wanted to get some scripts on a Roblox game (neither did I or he know that, the respective game did not have scripts for a while) and since I used some scripts in the past, I advised him to proceed with caution. So he downloaded a injector with some scripts, but in the installation setup he had to allow all oh those crappy bloatware and spam, however I told him to just skip those, but he did not. After he did all that, a bunch of windows CMD'S and also a lot of google tabs. Then hes PC crashed, and he got security alerts from all of his Google Accs., and right after that, his Steam Acc. and Discord Acc. started sending those weirds mesaages to all his friends, to click on a link for something free and stuff, after that he reinstalled windows and created new passwords. It all went great, until yesterday when all of this stuff happened again. So what is to do? Im guessing that the virus had some kind of deep roots that it restared again, since he didnt do shady stuff after the reinstall. Can you guys help me and him with this? Also, I am sorry if i picked the wrong topic.

I'm guessing either your friend lied about not doing shady things

or

What infected his PC before put a copy of itself in other partition / drive , and your friend only nuked C: partition or the OS drive.

There is approximately 99% chance I edited my post

Refresh before you reply

__________________________________________

ENGLISH IS NOT MY NATIVE LANGUAGE, NOT EVEN 2ND LANGUAGE. PLEASE FORGIVE ME FOR ANY CONFUSION AND/OR MISUNDERSTANDING THAT MAY HAPPEN BECAUSE OF IT.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
15 minutes ago, MaxtheHusk said:

Hello guys! So the other there, one of my friends wanted to get some scripts on a Roblox game (neither did I or he know that, the respective game did not have scripts for a while) and since I used some scripts in the past, I advised him to proceed with caution. So he downloaded a injector with some scripts, but in the installation setup he had to allow all oh those crappy bloatware and spam, however I told him to just skip those, but he did not. After he did all that, a bunch of windows CMD'S and also a lot of google tabs. Then hes PC crashed, and he got security alerts from all of his Google Accs., and right after that, his Steam Acc. and Discord Acc. started sending those weirds mesaages to all his friends, to click on a link for something free and stuff, after that he reinstalled windows and created new passwords. It all went great, until yesterday when all of this stuff happened again. So what is to do? Im guessing that the virus had some kind of deep roots that it restared again, since he didnt do shady stuff after the reinstall. Can you guys help me and him with this? Also, I am sorry if i picked the wrong topic.

Not sure what he expected to come of that.

 

Whenever it comes to reinstalling Windows, there's two ways to go about it. Chances are he probably went with the option to preserve his files, when the most effective way is to back up important things like pics, documents, etc. (save for the shit he downloaded that caused this) and nuke everything with the option that deletes everything on the system drive when it does a reinstall.

 

Aside from that, he should probably run malware and/or virus scans. Malwarebytes might help with this problem. I personally use Kaspersky security on my Windows installs, and it works better than Windows Defender. It's paid software, but is reasonably priced. Whatever route he goes with, I recommend that he does a full scan and not just a quick scan.

 

Also in regards to his accounts. For his email accounts I recommend he goes and check those accounts to see if there's any logins that he doesn't recognize. It will also allow him to see if there's any unrecognized devices that are logged into his email accounts. I recommend that he change his passwords, and not only that but enable two factor authentication, which gives him notifications and texts on his phone when attempts to login are made.

⣿⣿⣿⣿⣇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠉⠛⠻⣿⣿⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣦⠀⠀⠀⠀⠀⠀⠀⠀⢀⣤⣄⡀⠀⢻⣿⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣿⣇⠀⠀⠀⠀⠀⠀⠀⠸⣿⣿⣿⠃⢰⣿⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣿⣿⣆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣼⣿⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣿⣿⣿⡆⠀⠀⠀⠀⠀⠀⢶⣶⣶⣾⣿⣿⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣿⣿⣿⣧⠀⢠⡀⠐⠀⠀⠀⠻⢿⣿⣿⣿⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣿⣿⣿⣿⡄⢸⣷⡄⠀⠣⣄⡀⠀⠉⠛⢿⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣿⣿⣿⣿⣇⠀⣿⣿⣦⠀⠹⣿⣷⣶⣦⣼⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣼⣿⣿⣿⣷⣄⣸⣿⣿⣿⣿⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿

⣿⣿⡿⢛⡙⢻⠛⣉⢻⣉⢈⣹⣿⣿⠟⣉⢻⡏⢛⠙⣉⢻⣿⣿⣿

⣿⣿⣇⠻⠃⣾⠸⠟⣸⣿⠈⣿⣿⣿⡀⠴⠞⡇⣾⡄⣿⠘⣿⣿⣿

⣿⣿⣟⠛⣃⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣷⣿⣿⣿⣿⣿

⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Usually common sense and windows defender is all you need to protect yourself.

 

Seems like you have a maleware that has stuck to your PC. It could be sitting in your other drivers or even inside your chrome account. It could be coming back after you sync your chrome account or any similar account that does something like that. Use Malewarebytes to do a thorough scan and see where and what the maleware is, then get rid of it. If it is sitting inside your accounts online, it could be in your addons and extensions, then you'll need to reset those properly

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
36 minutes ago, Inception9269 said:

Not sure what he expected to come of that.

 

Whenever it comes to reinstalling Windows, there's two ways to go about it. Chances are he probably went with the option to preserve his files, when the most effective way is to back up important things like pics, documents, etc. (save for the shit he downloaded that caused this) and nuke everything with the option that deletes everything on the system drive when it does a reinstall.

 

Aside from that, he should probably run malware and/or virus scans. Malwarebytes might help with this problem. I personally use Kaspersky security on my Windows installs, and it works better than Windows Defender. It's paid software, but is reasonably priced. Whatever route he goes with, I recommend that he does a full scan and not just a quick scan.

 

Also in regards to his accounts. For his email accounts I recommend he goes and check those accounts to see if there's any logins that he doesn't recognize. It will also allow him to see if there's any unrecognized devices that are logged into his email accounts. I recommend that he change his passwords, and not only that but enable two factor authentication, which gives him notifications and texts on his phone when attempts to login are made.

Thank you for the advise, so I actually informed him about malwarebytes and do a scan, he did it with me and he found like 2 detections, deleted them, then he reinstalled windows which was a 100% clean install.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
30 minutes ago, Jon-Slow said:

Usually common sense and windows defender is all you need to protect yourself.

 

Seems like you have a maleware that has stuck to your PC. It could be sitting in your other drivers or even inside your chrome account. It could be coming back after you sync your chrome account or any similar account that does something like that. Use Malewarebytes to do a thorough scan and see where and what the maleware is, then get rid of it. If it is sitting inside your accounts online, it could be in your addons and extensions, then you'll need to reset those properly

Ok thanks man, so he did a scan with malwarebytes and then reinstalled windows. He had 2 detections and deleted them, but this was the few days ago, the recent new "attack" happened yesterday and he did a scan and found nothing yesterday

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Troubleshooting

×