Help with malware/trojan

Can you recommend good online sources for help/forums with malware/viruses? There was a trojan found on one of my friend's computers, he does not know if it might be a false positive.

Thank you!

1 Like

Do you know exactly which file is responsible? If so you can upload it to VirusTotal.

Quarantine the device first. Disconnect everything else from the network. Don't input any personal information. If the Trojan is integrated into the system it requires a different approach.

1 Like

I just asked him, the file is already deleted by the AV scanner but it was "Trojan.SupectCRC" in /WinSxS/…/WindowsPersonaCard.dll.

1 Like

Upload the file to virustotal.com, then I could help determine if it's a false positive.

I mean if you share the url result.

1 Like
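The two replies above suggest a VirusTotal check and sharing the result link. The script below is an added example (not code from the thread or from VirusTotal) showing the defender-side version of that workflow: it hashes the suspect file locally, looks the hash up through the VirusTotal v3 `GET /api/v3/files/{hash}` endpoint (so the file itself is never uploaded), and reduces the report to the numbers that matter when judging a false positive. The API key comes from a `VT_API_KEY` environment variable (an assumption of this script), the `classify` heuristic is my own rule of thumb rather than anything VirusTotal provides, and `SAMPLE_REPORT` is a constructed response so the helpers can run offline.

```python
"""Triage a suspected false positive by looking up a file's SHA-256 on VirusTotal.

A hash lookup never uploads the file, so it is safe for documents that should not
leave the machine; it only returns something if that exact file has been submitted
before. Set VT_API_KEY in the environment (assumption of this script) to query live.
"""
import hashlib
import json
import os
import sys
import urllib.request
from urllib.error import HTTPError

VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"  # v3 hash lookup endpoint
VT_GUI_URL = "https://www.virustotal.com/gui/file/{}"       # shareable web link for a thread


def sha256_of_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-256 so a large DLL need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def fetch_report(sha256, api_key):
    """Return the parsed VirusTotal report, or None when the hash is unknown (HTTP 404)."""
    req = urllib.request.Request(VT_FILE_URL.format(sha256), headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    except HTTPError as e:
        if e.code == 404:
            return None
        raise


def summarize_report(report):
    """Reduce a v3 file report to detection counts, the engines that fired, and signer info."""
    attrs = report["data"]["attributes"]
    stats = attrs.get("last_analysis_stats", {})
    results = attrs.get("last_analysis_results", {})
    flagged = sorted(
        (engine, r.get("result") or "")
        for engine, r in results.items()
        if r.get("category") in ("malicious", "suspicious")
    )
    sig = attrs.get("signature_info", {})  # only present for signed PE files
    return {
        "sha256": attrs.get("sha256"),
        "malicious": stats.get("malicious", 0),
        "suspicious": stats.get("suspicious", 0),
        "engines": sum(stats.get(k, 0) for k in
                       ("harmless", "malicious", "suspicious", "undetected", "timeout")),
        "flagged_by": flagged,
        "signer": sig.get("signers"),
        "verified": sig.get("verified"),
    }


def classify(summary, fp_threshold=2):
    """Heuristic verdict (my assumption, not VirusTotal's): a couple of hits on a file whose
    signature VirusTotal reports as verified usually means a signature collision, while broad
    agreement across engines does not. Confirm the signature locally before trusting this."""
    hits = summary["malicious"] + summary["suspicious"]
    if hits == 0:
        return "clean"
    if hits <= fp_threshold and summary["verified"] == "Signed" and summary["signer"]:
        return "likely-false-positive"
    return "treat-as-malicious"


# Constructed sample report (not a real VirusTotal response) so the helpers run offline.
SAMPLE_REPORT = {"data": {"attributes": {
    "sha256": "0" * 64,
    "last_analysis_stats": {"harmless": 0, "malicious": 1, "suspicious": 0,
                            "undetected": 69, "timeout": 0},
    "last_analysis_results": {
        "EngineA": {"category": "malicious", "result": "Heur.Constructed.Sample"},
        "EngineB": {"category": "undetected", "result": None},
    },
    "signature_info": {"verified": "Signed", "signers": "Example Vendor; Example CA"},
}}}


if __name__ == "__main__":
    if len(sys.argv) > 1:  # argument is a file path or an already-known 64-hex SHA-256
        arg = sys.argv[1]
        digest = arg if len(arg) == 64 else sha256_of_file(arg)
        print("link to share in the thread:", VT_GUI_URL.format(digest))
        key = os.environ.get("VT_API_KEY")
        report = fetch_report(digest, key) if key else None
        if report is None:
            print("no report available (hash unknown to VirusTotal, or VT_API_KEY not set)")
            sys.exit(0)
    else:
        report = SAMPLE_REPORT
    summary = summarize_report(report)
    print(json.dumps(summary, indent=2), "->", classify(summary))
```

Passing a hash instead of a path covers the case later in this thread where the scanner has already deleted the file but its hash survives in the AV log. On Windows, the local confirmation step the heuristic asks for is checking the Authenticode signature of the file on disk (for example with `Get-AuthenticodeSignature`), since a signed, verified file living in WinSxS that one engine flags is a different situation from an unsigned DLL that many engines flag.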

  1. Shut down the infected device
  2. Wipe all disks (reformat should be enough)
  3. Install a new OS
  4. Check other devices for malware
  5. Log out/reset the sessions of all accounts
  6. Change the password of all accounts
  7. Enable MFA on all accounts

Be aware that restoring a backup might be risky due to the fact that you currently have no information on when the device was infected. So a backup might already contain the malware.

1 Like

The AV scanner already deleted the file, so he cannot upload it.

The computer has also been fully cleaned with a new installation, but as @Onscreen5341 mentioned the backups might be infected, too. My friend had been using Notepad++, and the infection of the updater had been going on since June 25 - but again, it might have been a false positive.

1 Like

Notepad++ is definitely not a false positive.
Hopefully there is no rootkit coming with it.

1 Like

Well yes, of course Notepad++ has been attacked and that is not a false positive, but the odd thing is he had fully cleaned the computer BEFORE the AV scan and then did not connect to the internet again, only attached an external drive with some of his documents. And then the AV scan was performed.

1 Like

I’ve slowly rendered down the data I feel is worth preserving down into only text & photo data. Much easier to store offsite in dedicated storage formats.

BleepingComputer and MalwareBytes forums have malware removal help sections. You need to run elevated scanners and post logs on the public forums. BC asks you to run fewer logs and may remove fewer suspicious files from the computer, whereas MB asks you to run MB tools along with other tools, and remove suspicious files more comprehensively.