Hi everyone, i’d like to start off by saying that i’ve been pirating for a while and have always stuck to sites that are reccommended on various megathreads and considered safe. Sorry for the long winded explaination.

So i was downloading a game from gamdie (which i have before with no issue) and one from steamrip (i don’t remember any issues there) and the gamdie file was almost immediately flagged by WD as trojan. i didn’t even make it in time to click anything that all these other trojans started popping up and WD closed on its own. i panicked and deleted the files and tried to run malwarebytes which i thought was installed already (but apparently not) and it turns out i can’t even install it, it says the app can’t run and to check different versions. I checked on taskmanager and it seems nothing immediately fishy was there, WD gave me back a list of the trojans it found and i deleted them, firefox has acted weird a couple times (duplicating tab instead of opening new one, or opening settings instead), and some of my login info is gone from my browser. i still can’t install malwarebytes, and i’m kinda not handling this well, so any help is appreciated.

i couldn’t read what all the trojans are and WD won’t tell me what they are now, but i remember having seen trojan wacaca (or somehing) and trojan malmar (or something like that). Thank you!

Edit: thank you to everyone that replied, between your advice and the sources I found here (linked below) I apparently found a cryptominer and it seems my system should be clean now. I’ll run some extra stuff to be sure and hopefully that will be that. Have a nice day!

https://www.reddit.com/r/antivirus/comments/jh3s0g/virus_deleted_or_not/

  • deadbeef79000@lemmy.nz
    link
    fedilink
    English
    arrow-up
    12
    ·
    edit-2
    4 months ago

    In future, assume everything is a hostile payload until scanned.

    Microsoft provides free VM images of various versions for developers to test with, use one of them, install whatever scanning tool you want, then install your suspicious payload.

    Rinse repeat.