M
MoeBachrouch
I'm dealing with a dangerous malware situation and I need professional help dealing with it.
Here’s what happened: I have an external SSD with 400GB of data. In 2019, I transferred data from an old USB from 2012 to this SSD. This USB had a Trojan on it that I later found out through the SSD.
When I inserted my external SSD into my new PC, a Trojan was detected by Windows Defender (WD) on my new PC under the name “Phonzy.A!ml”. It was quarantined. I decide to plug the source of the malware (the USB, aka the F: drive in this story) into an old laptop, and the same WD report pops up. Trojan:Win32/Phonzy.A!ml. However no other threat was detected by WD at this point, only this specific threat.
I decide to restore the file that was quarantined on my old laptop. At this stage, a second, different threat gets detected by WD: a worm under the name Jenxcus.ND aka System.VBS.
This threat was not identified by my new PC, it was only identified after I restored the first malware on the old laptop. This file in fact did not ever show up in any of my directories in my F: drive (the original infecting USB). It was identified on my old laptop after I restored the first malware (the Trojan Phonzy one).
So, what worries me is: what happened to Jenxcus (aka System.VBS) on my new PC which never identified it? The newer PC identified a single threat: Trojan
honzy. older laptop also identified a single threat, until I restored that threat. At this point it detected a second threat: System.VBS aka Worm:Jenxcus.ND. I haven’t even clicked any links or executed any files, I simply restored a threat.
I ran multiple scans on both my computers, on the infected drive, and the SSD on which I first identified this threat. I found nothing so far.
But naturally the situation still worries me.
What should I do, and how do I deal with this? Is my PC safe? Why did WD not detect System.vbs or Jenxcus?
Thanks.
Continue reading...
Here’s what happened: I have an external SSD with 400GB of data. In 2019, I transferred data from an old USB from 2012 to this SSD. This USB had a Trojan on it that I later found out through the SSD.
When I inserted my external SSD into my new PC, a Trojan was detected by Windows Defender (WD) on my new PC under the name “Phonzy.A!ml”. It was quarantined. I decide to plug the source of the malware (the USB, aka the F: drive in this story) into an old laptop, and the same WD report pops up. Trojan:Win32/Phonzy.A!ml. However no other threat was detected by WD at this point, only this specific threat.
I decide to restore the file that was quarantined on my old laptop. At this stage, a second, different threat gets detected by WD: a worm under the name Jenxcus.ND aka System.VBS.
This threat was not identified by my new PC, it was only identified after I restored the first malware on the old laptop. This file in fact did not ever show up in any of my directories in my F: drive (the original infecting USB). It was identified on my old laptop after I restored the first malware (the Trojan Phonzy one).
So, what worries me is: what happened to Jenxcus (aka System.VBS) on my new PC which never identified it? The newer PC identified a single threat: Trojan
honzy. older laptop also identified a single threat, until I restored that threat. At this point it detected a second threat: System.VBS aka Worm:Jenxcus.ND. I haven’t even clicked any links or executed any files, I simply restored a threat.I ran multiple scans on both my computers, on the infected drive, and the SSD on which I first identified this threat. I found nothing so far.
But naturally the situation still worries me.
What should I do, and how do I deal with this? Is my PC safe? Why did WD not detect System.vbs or Jenxcus?
Thanks.
Continue reading...