As the title suggest, I may have installed some malicious software called Adventurous Clotth Tool from a company called Adventurous Cloth LLC.
For context, I was looking to download Driver San Francisco and because it’s no longer available for purchase anywhere my brother recommended SteamUnlocked, which he has used before. After skimming the comments I assumed it was safe, downloaded the file(big warning sign in retrospect) and installed the program, after mentioning this to my brother he told me that it should have been the game files in a zip folder, and obviously I broke down in a cold sweat.
I have run multiple checks using Malware Bytes, Windows Defender and an offline Windows Defender scan, all of which reported no problems, however obviously I’m still scared/nervous about what I have done.
Apart from don’t be an idiot, can anyone give me some advice on what I should be doing next? I tried searching for the company and program in question, but no results have come up.
You never know what malware is going to do. You could look up sandbox reports of what it did, and then end up with a modified version of the malware. Better to backup stuff, nuke the OS, and start fresh/change passwords on important stuff. Persistence can be a bitch to track down, better to nuke.
Take this as a learned lesson, and do better next time.
Back in the early 00’s I caught thousands of infections… I think somewhere around 3000 infections removed at once was my personal best. Live and learn.
Nuke it and pray to whatever spirits motivate them that they didn’t manage to install a rootkit… I’d be praying to rum, myself.
Ahh the good ol’ times, I was once adventurous like you. That’s ok, my recommendation is to make a backup of everything important that you have, if you use banking in that computer just monitor your credit cards and accout. Also it is a good idea to use KeePass or Bitwarden to handle your logins. Once you have done all that just reinstall windows. Yes it is tedious but if you are sailing the seas you need to have a escape plan. Have your backup up to date, when I was younger I had an external drive that I would update before installing dangerous stuff… That after I learned the hard way.
As far as adventurous goes, this seemed like going into the shallow end of the pool with arm bands on.
I’ve bought things through Amazon and other sites and used Paypal but I don’t think I’ve ever actually logged in to my bank on my PC, but I’m guessing I should change my passwords regardless.
The first thing I did was delete Bitwarden.
You should be ok then, but don’t worry. Tis but a scratch, matey.
if you don’t mind do a fresh install, and don’t use SteamUnlocked anymore, check here for trusted sources.
Get ublock origin if you don’t have it
Good general advice, but how will that help in this case?
that was my thought. He downloaded the file. It was not some javascript malware or such.
The way they said they installed something which was different to the game files that were expected made it sound like they might’ve clicked on an ad that was a download button instead of the actual download on the site but I might be wrong because I’ve never been on steam unlocked. They also seem like they’re new to piracy and I would definitely recommend they have a good Adblock even before they visit even the trusted piracy sites.
I was using Opera with Adblock Plus, would that be enough or after the formar, would it be wise to use Chrome/Firefox instead?
Someone can correct me if I’m wrong, but I believe Adblock Plus is the one that will let ads through so long as they’re paid to do so. Wouldn’t touch Chrome since Google, as an ad business, has the motive to kill ad blockers and is already making steps toward doing so.
Opera is fine. However, AdBlock Plus is not. It has become infected with profit-driven decisions and now lets ads through that pay. Use uBlock Origin instead.
I’m a firefox guy but it’s all preference. Definitely swap out adblock plus for ublock origin though.
Would recommend Firefox with uBlock Origin installed. Adblock Plus allows ads through so long as they get paid, it shouldn’t be used under any circumstances.
If you willing to spend some money, find a VM and see if anything bad happens. These types of VM companys won’t allow viruses and will warn you when such viruses happen.
With a bit of basic VM knowledge, this operation can be done for free. I run VMs myself to run certain macros and some windows stuff. As i am primarily a linux user.
EDIT: BUt good point @firecat . I think a VM should do the trick.
If you are technically versed, any.run can often give a good overview over the goals of the malware. You have to sign up and then upload your executable.
I recommend to format from an USB drive and use the sites in the megathread instad off steamunlocked
Can you write a for dummies guide on how to do that, or point me to a guide? Googling only brings up guides on how to format a USB Stick.
https://www.supereasy.com/how-to-use-windows-10-media-creation-tool/ Ignore the section “How to download the Windows 10 ISO file with the tool?” What is important is the beginning downloading it and the section “How to create a Windows 10 bootable USB drive with the tool?”
Hope this helps
https://www.supereasy.com/how-to-use-windows-10-media-creation-tool/ Ignore the section “How to download the Windows 10 ISO file with the tool?” What is important is the beginning downloading it and the section “How to create a Windows 10 bootable USB drive with the tool?”
Hope this helps
https://www.supereasy.com/how-to-use-windows-10-media-creation-tool/ Ignore the section “How to download the Windows 10 ISO file with the tool?” What is important is the beginning downloading it and the section “How to create a Windows 10 bootable USB drive with the tool?”
Hope this helps
It all depends on what kind of malware did you download. If I were you, I’d make a back-up of important files ASAP in case it’s some kind of an encryptor, put 2FA on my online accounts where possible and additionally change passwords where 2FA is not an option. You can also monitor traffic from time to time to see if your computer connects to some shady servers, but you most likely won’t notice anything wrong and that’s OK. Oh and remember to have another USB around with your OS installer so in case things go bad after some time you would be quickly able to set things up and running
There is a report in any.run, it appears to be advertising related or better said data mining.
So does that change anything, or should I still just format my pc?
Still format it, some of these malwares are hard to get rid of. Even if you don’t have malware you should reinstall windows every couple of years.
Do you need windows? Go download Linux Mint and install it on your PC so you can dual-boot windows OR linux Mint. It’ll protect you against dumb stuff like this
I’m all for more Linux users but that is an extreme solution to suspected malware on Windows. I do agree that dual booting is more resilient than just Windows.
Lol for people with malware issues, it’s usually not the first or last time they’ll find a way to break something. Given how much is done on the cloud these days and how much is available for Linux, that’s usually my go to advice to prevent further issues.
Try using hitman pro or reinstalling Windows