Welcome to MalwareTips.Happened last night.
Fortuntely this was just a dream and I had not lost any data, or that "Windows Defender Antivirus" failed to detect Malware.
- Downloaded 2 small executables from the Internet.
- I ran the first red-logo executable and the screen flashed black.
- It finally returned, but it was taken hostage by "FandaRansomware".
- I panicked. I had no backups. All was lost.
When a malware incident takes place (or almost takes place) on one of the computers in my home, it's always a flash drive that's to blame. A family member comes home with a flash drive that's been used on infected machines.
I was in same situation, but it was XP. I had Norton running and felt secure as I was new computer owner. Then somehow I contracted the virus "hybris", where a big spiral drive around on the screen, so it's impossible to use the computer. I have not used Norton since, although it should be pretty good these days.The first time I got infected was when I was browsing the web with Windows Vista and an alert from the good old Norton came up. The alert said a possible threat was detected. I looked up the threat and I was immediately hooked. What is a trojan and what does it do? Why is it attacking my computer? What else do I need to know to protect my computer? I have learned a lot since then and I am thankful for the security forums like this one for the knowledge I gained.
If it's a new file then it's likely a false positive. WD is known to block new unsigned executables quite a lot. Submitting to Microsoft as false positive usually fixes this very quickly.I got a warning from Windows Defender just an hour ago about a file I was trying to download from Github, claiming it was a trojan. Most likely a FP, but I like to play it safe (quarantine/delete).
WD aborted the download and wouldn't let me handle the file at all, so I didn't pursue it, but it was one of the SAPI5 voices from hxxps://github.com/Olga-Yakovleva/RHVoice/wiki/Latest-versionIf it's a new file then it's likely a false positive. WD is known to block new unsigned executables quite a lot. Submitting to Microsoft as false positive usually fixes this very quickly.