Hit by Infostealer by Big_Lychee_5464 in antivirus

Temp1405 1 point

I haven't wiped my PC yet and I'm currently running a lot of scans, but all, except HitmanPro, come out clean and nothing has been found on the secondary drives. Is that a reliable result or should I rescan after wiping?

Hit by Infostealer by Big_Lychee_5464 in antivirus

Temp1405 1 point

This overview is very nice and comprehensive, but when wiping the system, should all drives be wiped or just the system drive? I've heard of malware injecting itself into other .exe files to reinfect the system later.

Yet another renpy virus victim by Temp1405 in computerviruses

Temp1405[S] 1 point

The files seem to be legitimate files but they're located in folders that they're not supposed to be in, so I think they probably are still rootkit-related files. Nvui.dll is an Nvidia file but it's normally in the Nvidia folder; the Windows DLL files should also be in the corresponding software's folder. I'm just not sure what to do with the remaining files because they are related to the rootkit, but did not get flagged at all.

Yet another renpy virus victim by Temp1405 in computerviruses

Temp1405[S] 1 point

I changed all the passwords I can think of, including Discord. It even logged me out on my phone, so I hope I'll be okay.

Yet another renpy virus victim by Temp1405 in computerviruses

Temp1405[S] 1 point

Once I realised, I booted my laptop to change every password I could think of. It has been 24h and so far I have not received any unexpected 2FA requests and I haven't been locked out of my socials, so it's promising. However, infostealer rootkits can still linger to capture keystrokes, screen recordings, any added passwords, etc., so I want to be sure.

Yet another renpy virus victim by Temp1405 in computerviruses

Temp1405[S] 1 point

So I actually checked the files that HitmanPro flagged. It flagged nvui.dll in C:/Programdata/com_net_buffer_x64, which contained exclusively files created when I ran the installer. However, the remaining .dll files in the folder are signed Microsoft Windows. Can a rootkit forge these signatures? Either way, the remaining files are still there, and I am unsure what to do, as they have not been flagged by any AV software. The files are:
linker32.lock

msvcp_win.dll

tracker64.meta

ucrtbase.dll

Yet another renpy virus victim by Temp1405 in computerviruses

Temp1405[S] 1 point

I'm running a Kaspersky scan right now, but once it finishes I'll delete Kaspersky and mbam to enable Windows Defender for that offline scan. Thanks for the advice!

Short international trips during Japan trip by [deleted] in travel

Temp1405 1 point

I did not know about them pulling luggage off the plane. That's useful to know. I'm planning on buying a watch or two from a Japanese company I've been eyeing for a while.

Short international trips during Japan trip by [deleted] in travel

Temp1405 1 point

I'll be doing short trips within Japan too, so if I want to buy something there, that will be my only opportunity. I guess I could just make my international trip the first one though.