this post was submitted on 20 Jun 2023
41 points (97.7% liked)


As the title suggests, I may have installed some malicious software called Adventurous Clotth Tool from a company called Adventurous Cloth LLC.

For context, I was looking to download Driver San Francisco and because it's no longer available for purchase anywhere my brother recommended SteamUnlocked, which he has used before. After skimming the comments I assumed it was safe, downloaded the file (big warning sign in retrospect) and installed the program. After mentioning this to my brother he told me that it should have been the game files in a zip folder, and obviously I broke down in a cold sweat.

I have run multiple checks using Malwarebytes, Windows Defender and an offline Windows Defender scan, all of which reported no problems, however obviously I'm still scared/nervous about what I have done.

Apart from don't be an idiot, can anyone give me some advice on what I should be doing next? I tried searching for the company and program in question, but no results have come up.

top 32 comments
[–] [email protected] 9 points 1 year ago* (last edited 1 year ago) (1 children)

You never know what malware is going to do. You could look up sandbox reports of what it did, and then end up with a modified version of the malware. Better to backup stuff, nuke the OS, and start fresh/change passwords on important stuff. Persistence can be a bitch to track down, better to nuke.

Take this as a learned lesson, and do better next time.

Back in the early 00's I caught thousands of infections.. I think somewhere around 3000 infections removed at once was my personal best. Live and learn.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)

Nuke it and pray to whatever spirits motivate them that they didn't manage to install a rootkit... I'd be praying to rum, myself.

[–] [email protected] 8 points 1 year ago (1 children)

Ahh the good ol' times, I was once adventurous like you. That's ok, my recommendation is to make a backup of everything important that you have, if you use banking on that computer just monitor your credit cards and account. Also it is a good idea to use KeePass or Bitwarden to handle your logins. Once you have done all that just reinstall Windows. Yes it is tedious but if you are sailing the seas you need to have an escape plan. Have your backup up to date, when I was younger I had an external drive that I would update before installing dangerous stuff... That after I learned the hard way.

[–] [email protected] 4 points 1 year ago (1 children)

As far as adventurous goes, this seemed like going into the shallow end of the pool with arm bands on.

I've bought things through Amazon and other sites and used Paypal but I don't think I've ever actually logged in to my bank on my PC, but I'm guessing I should change my passwords regardless.

The first thing I did was delete Bitwarden.

[–] [email protected] 1 points 1 year ago

You should be ok then, but don't worry. Tis but a scratch, matey.

[–] [email protected] 6 points 1 year ago

If you don't mind, do a fresh install, and don't use SteamUnlocked anymore, check here for trusted sources.

[–] [email protected] 5 points 1 year ago (2 children)

Get uBlock Origin if you don’t have it

[–] [email protected] 6 points 1 year ago (2 children)

Good general advice, but how will that help in this case?

[–] [email protected] 3 points 1 year ago

That was my thought. He downloaded the file. It was not some JavaScript malware or such.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

The way they said they installed something which was different to the game files that were expected made it sound like they might’ve clicked on an ad that was a download button instead of the actual download on the site but I might be wrong because I’ve never been on steam unlocked. They also seem like they’re new to piracy and I would definitely recommend they have a good Adblock even before they visit even the trusted piracy sites.

[–] [email protected] 2 points 1 year ago (4 children)

I was using Opera with Adblock Plus, would that be enough or after the format, would it be wise to use Chrome/Firefox instead?

[–] [email protected] 5 points 1 year ago

Someone can correct me if I'm wrong, but I believe Adblock Plus is the one that will let ads through so long as they're paid to do so. Wouldn't touch Chrome since Google, as an ad business, has the motive to kill ad blockers and is already making steps toward doing so.

[–] [email protected] 3 points 1 year ago

Opera is fine. However, AdBlock Plus is not. It has become infected with profit-driven decisions and now lets ads through that pay. Use uBlock Origin instead.

[–] [email protected] 2 points 1 year ago

Would recommend Firefox with uBlock Origin installed. Adblock Plus allows ads through so long as they get paid, it shouldn't be used under any circumstances.

[–] [email protected] 2 points 1 year ago

I'm a Firefox guy but it's all preference. Definitely swap out Adblock Plus for uBlock Origin though.

[–] [email protected] 4 points 1 year ago (1 children)

I recommend formatting from a USB drive and using the sites in the megathread instead of SteamUnlocked

[–] [email protected] 1 points 1 year ago (4 children)

Can you write a for dummies guide on how to do that, or point me to a guide? Googling only brings up guides on how to format a USB Stick.

[–] [email protected] 1 points 1 year ago

https://www.supereasy.com/how-to-use-windows-10-media-creation-tool/ Ignore the section "How to download the Windows 10 ISO file with the tool?" What is important is the beginning downloading it and the section "How to create a Windows 10 bootable USB drive with the tool?"

Hope this helps


[–] [email protected] 4 points 1 year ago (1 children)

If you're willing to spend some money, find a VM and see if anything bad happens. These types of VM companies won’t allow viruses and will warn you when such viruses happen.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

With a bit of basic VM knowledge, this operation can be done for free. I run VMs myself to run certain macros and some Windows stuff, as I am primarily a Linux user.

EDIT: But good point @firecat. I think a VM should do the trick.

[–] [email protected] 1 points 1 year ago

If you are technically versed, any.run can often give a good overview over the goals of the malware. You have to sign up and then upload your executable.

[–] [email protected] 3 points 1 year ago (1 children)

It all depends on what kind of malware you downloaded. If I were you, I'd make a back-up of important files ASAP in case it's some kind of an encryptor, put 2FA on my online accounts where possible and additionally change passwords where 2FA is not an option. You can also monitor traffic from time to time to see if your computer connects to some shady servers, but you most likely won't notice anything wrong and that's OK. Oh and remember to have another USB around with your OS installer so in case things go bad after some time you would be quickly able to set things up and running.

[–] [email protected] 3 points 1 year ago (1 children)

There is a report in any.run, it appears to be advertising related or better said data mining.

[–] [email protected] 1 points 1 year ago (2 children)

So does that change anything, or should I still just format my pc?

[–] [email protected] 3 points 1 year ago

Still format it, some of these malwares are hard to get rid of. Even if you don't have malware you should reinstall Windows every couple of years.

[–] [email protected] 3 points 1 year ago (1 children)

Do you need Windows? Go download Linux Mint and install it on your PC so you can dual-boot Windows OR Linux Mint. It'll protect you against dumb stuff like this

[–] [email protected] 4 points 1 year ago (1 children)

I'm all for more Linux users but that is an extreme solution to suspected malware on Windows. I do agree that dual booting is more resilient than just Windows.

[–] [email protected] 3 points 1 year ago

Lol for people with malware issues, it's usually not the first or last time they'll find a way to break something. Given how much is done on the cloud these days and how much is available for Linux, that's usually my go to advice to prevent further issues.

[–] [email protected] 2 points 1 year ago

Try using HitmanPro or reinstalling Windows
