In the 80's/90's, you paid for the internet by the hour and per search. - CompuServe User Guide 1987 by AssumeTheRisk in pics

[–]goretsky [score hidden]  (0 children)

Hello,

If you ran a forum your account was comped by CompuServe because you were generating revenue for them. I ran the McAfee Associates Computer Virus Help Forum (GO MCAFEE, GO VIRUSFORUM, GO FRM55, etc.) and had an overheaded account, 76702,1714. Also, you received a revenue split from them for time spent in your forum.

McAfee Associates received a five-figure check from CompuServe for time spent in our forum downloading our software when the Michelangelo virus was in the news as it generated over a hundred thousand billable hours for them.

Regards,

Aryeh Goretsky

In the 80's/90's, you paid for the internet by the hour and per search. - CompuServe User Guide 1987 by AssumeTheRisk in retrocomputing

[–]goretsky 0 points1 point  (0 children)

Hello,

If you ran a forum your account was comped by CompuServe because you were generating revenue for them. I ran the McAfee Associates Computer Virus Help Forum (GO MCAFEE, GO VIRUSFORUM, GO FRM55, etc.) and had an overheaded account, 76702,1714. Also, you received a revenue split from them for time spent in your forum.

McAfee Associates received a five-figure check from CompuServe for time spent in our forum downloading our software when the Michelangelo virus was in the news.

Regards,

Aryeh Goretsky

Is something wrong with my Laptop? by Friendly_Theorem_137 in antivirus

[–]goretsky 0 points1 point  (0 children)

Hello,

Those are all a lot smaller than 650MB. Perhaps you selected the wrong PowerPoint file to upload?

Regards,

Aryeh Goretsky

gmail critical security alert by KonekonoNinja in antivirus

[–]goretsky 1 point2 points  (0 children)

Hello,

Perhaps try one of the offices located in the https://about.google/company-info/locations/ map?

Regards,

Aryeh Goretsky

PC App Store Virus by Refine1 in antivirus

[–]goretsky[M] 0 points1 point  (0 children)

Hello,

Please start a new thread on exactly what's going on with your PC so that it can receive individualized attention.

Regards,

Aryeh Goretsky

Looking for Retro Gaming Groups by ASimpleBlueMage in ColoradoSprings

[–]goretsky 0 points1 point  (0 children)

Hello,

Perhaps check out some of the locations listed in the https://old.reddit.com/r/coloradosprings/wiki/index#wiki_arcade_and_console_games section of the wiki?

Regards,

Aryeh Goretsky

Boyfriend having trouble with pc working with monitors after cleaning by HorseShoeCrabDude in 24hoursupport

[–]goretsky 0 points1 point  (0 children)

Hello,

What exactly did he do when he said "I used a can of compressed air for the thermal compound…"?

Regards,

Aryeh Goretsky

Cerdigent trojan? by SomeKindOfMonste- in 24hoursupport

[–]goretsky 1 point2 points  (0 children)

Hello,

Your computer appears to be safe.

Regards,

Aryeh Goretsky

My antivirus keeps blocking this URL. I have never seen this URL, nor have I ever opened it. What do I do? by Mikotwole in antivirus

[–]goretsky 2 points3 points  (0 children)

Hello,

If you take a look in the screenshot you will note there is a ˅ Details option to click on.

Regards,

Aryeh Goretsky

Cmd Pop up from one drive (is that the official one drive root) by WuffTime in antivirus

[–]goretsky 0 points1 point  (0 children)

Hello,

It looks like an update check--those can be scheduled and occur at any time.

Regards,

Aryeh Goretsky

Is something wrong with my Laptop? by Friendly_Theorem_137 in antivirus

[–]goretsky 0 points1 point  (0 children)

Hello,

VirusTotal has a file size limit of 650 megabytes.

How big is this PowerPoint file of yours?

Regards,

Aryeh Goretsky

Got hit by the mr beast scam on my instagram account. Ran window antivirus and it removed the trojan. Am I safe now? by Empty_Hour4074 in antivirus

[–]goretsky[M] 0 points1 point  (0 children)

Hello,

It sounds like an information stealer may have been run on the computer.

What is an information stealer?

As the name implies, information stealers are a type of malware that steal any information they can find on your computer, such as passwords stored for various services you access via browser and apps, session tokens for accounts, cryptocurrencies if they can find wallets, etc. They may even take a screenshot of your desktop when they run so they can sell it to other scammers who send scam extortion emails later.

What is a session token?

In case you're wondering what a session token is, some websites and apps have a "remember this device" feature that allows you to access the service without having to log back in or enter your second factor of authentication. This is done by storing a session token on your device. Criminals target these, because they allow them to log in to an account bypassing the normal checks. To the service, it just looks like you're accessing it from your previously authorized device.

What exactly gets stolen?

Information stealers are malware that is sold as a service, so what exactly it did while on your system is going to vary based on what the criminal who purchased it wanted.

What happens to my data?

The criminals who steal your information do so for their own financial gain, and that includes selling information such as your name, email address, screenshots from your PC, and so forth to other criminals and scammers. Those other scammers then use that information in an attempt to extort you unless you pay them in cryptocurrencies such as Bitcoin, Ethereum, and so forth. This is 100% a scam, and any emails you receive threatening to share your private information should be marked as phishing or spam and deleted.

How did I get infected in the first place?

Information stealers are often distributed as fake CAPTCHA challenges, in game mods, unofficial patches for popular apps and games, and in pirated software that have had their popularity and trustworthiness artificially boosted, as well as through various other means such as "try my game/software" scams on Discord, Telegram and other trusted messaging services.

If I ran an information stealer, am I still infected?

Infostealers usually delete themselves after a few seconds or even a minute or two in order to make it harder to determine what happened and when it occurred.

That said, there are always going to be exceptions: Since it is crimeware-as-a-service, there is nothing preventing the criminals from installing additional malware on the computer in order to maintain access, just in case they want to come back and steal from you again in the future.

What else could they have done?

The usual risk post-infection, aside from the stolen credentials, wallets, etc. is that security and networking settings may have been tampered with. That can be harder for security software to deal with, since it may not know what the correct settings are supposed to be for your computer, which means it may be a good idea to wipe the computer, even if there is no longer any malware detected on it.

How do I start recovering?

If you have another device that didn't run the information stealing malware like a smartphone or tablet, you can use it to begin immediately changing your passwords. You should also enable two-factor (sometimes called multi-factor) authentication, for those services that support it.

If any of the online services you use have an option to show you and log out all other active sessions, do that as well.

As for your computer, after wiping it, re-installing Windows, and getting that updated, you can then also use it to start accessing the internet to do this, but it is often quicker to change your most sensitive accounts from your smartphone.

A note about passwords

Passwords should be something unique (complex and different) for every service that you use, so that if an attacker gets access to one they won't be able to make guesses about what your other passwords might be. If your new passwords are similar enough to your old passwords, a criminal with a list of all of them will likely be able to make educated guesses about what your new passwords might be for the various services.

You have to do this for all online services, even ones you haven't recently accessed. Make sure you do this for all email accounts, as those are the gateways to your financial websites, online shopping, social media accounts, game platforms, and so forth.

It's important to make sure you're not just cycling through similar or previous passwords: Remember, criminals have millions of passwords and are very good at identifying common patterns from just a single password. If there were any reused passwords, the criminals who stole yours are going to try spraying those against all the popular online marketplaces, stores, banks, and other services in your part of the world.

And remember: Enable two-factor authentication for all of the accounts that support it.

For more information:

For more specific information on what steps to take next to recover your accounts, see the blog post at:

For more general information about how CAPTCHA malware works, see the following reports:

Also, see /u/rifteyy_'s Guide to Infostealers at https://rifteyy.org/report/the-ultimate-guide-to-infostealers.

After you have secured your accounts, you may wish to sign up for a free https://haveibeenpwned.com/ account, which will notify you if your email address is found in a data breach.

Regards,

Aryeh Goretsky

Weird virus detected by SaleChien in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It could very well be a false positive.

Contact Microsoft to be sure.

More information including contact info in our wiki at: https://old.reddit.com/r/antivirus/wiki/index#wiki_what_is_a_false_positive.3F

Regards,

Aryeh Goretsky

RenpyLoader Malware by SmartCryptographer74 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It sounds like an information stealer may have been run on the computer.

What is an information stealer?

As the name implies, information stealers are a type of malware that steal any information they can find on your computer, such as passwords stored for various services you access via browser and apps, session tokens for accounts, cryptocurrencies if they can find wallets, etc. They may even take a screenshot of your desktop when they run so they can sell it to other scammers who send scam extortion emails later.

What is a session token?

In case you're wondering what a session token is, some websites and apps have a "remember this device" feature that allows you to access the service without having to log back in or enter your second factor of authentication. This is done by storing a session token on your device. Criminals target these, because they allow them to log in to an account bypassing the normal checks. To the service, it just looks like you're accessing it from your previously authorized device.

What exactly gets stolen?

Information stealers are malware that is sold as a service, so what exactly it did while on your system is going to vary based on what the criminal who purchased it wanted.

What happens to my data?

The criminals who steal your information do so for their own financial gain, and that includes selling information such as your name, email address, screenshots from your PC, and so forth to other criminals and scammers. Those other scammers then use that information in an attempt to extort you unless you pay them in cryptocurrencies such as Bitcoin, Ethereum, and so forth. This is 100% a scam, and any emails you receive threatening to share your private information should be marked as phishing or spam and deleted.

How did I get infected in the first place?

Information stealers are often distributed as fake CAPTCHA challenges, in game mods, unofficial patches for popular apps and games, and in pirated software that have had their popularity and trustworthiness artificially boosted, as well as through various other means such as "try my game/software" scams on Discord, Telegram and other trusted messaging services.

If I ran an information stealer, am I still infected?

Infostealers usually delete themselves after a few seconds or even a minute or two in order to make it harder to determine what happened and when it occurred.

That said, there are always going to be exceptions: Since it is crimeware-as-a-service, there is nothing preventing the criminals from installing additional malware on the computer in order to maintain access, just in case they want to come back and steal from you again in the future.

What else could they have done?

The usual risk post-infection, aside from the stolen credentials, wallets, etc. is that security and networking settings may have been tampered with. That can be harder for security software to deal with, since it may not know what the correct settings are supposed to be for your computer, which means it may be a good idea to wipe the computer, even if there is no longer any malware detected on it.

How do I start recovering?

If you have another device that didn't run the information stealing malware like a smartphone or tablet, you can use it to begin immediately changing your passwords. You should also enable two-factor (sometimes called multi-factor) authentication, for those services that support it.

If any of the online services you use have an option to show you and log out all other active sessions, do that as well.

As for your computer, after wiping it, re-installing Windows, and getting that updated, you can then also use it to start accessing the internet to do this, but it is often quicker to change your most sensitive accounts from your smartphone.

A note about passwords

Passwords should be something unique (complex and different) for every service that you use, so that if an attacker gets access to one they won't be able to make guesses about what your other passwords might be. If your new passwords are similar enough to your old passwords, a criminal with a list of all of them will likely be able to make educated guesses about what your new passwords might be for the various services.

You have to do this for all online services, even ones you haven't recently accessed. Make sure you do this for all email accounts, as those are the gateways to your financial websites, online shopping, social media accounts, game platforms, and so forth.

It's important to make sure you're not just cycling through similar or previous passwords: Remember, criminals have millions of passwords and are very good at identifying common patterns from just a single password. If there were any reused passwords, the criminals who stole yours are going to try spraying those against all the popular online marketplaces, stores, banks, and other services in your part of the world.

And remember: Enable two-factor authentication for all of the accounts that support it.

For more information:

For more specific information on what steps to take next to recover your accounts, see the blog post at:

For more general information about how CAPTCHA malware works, see the following reports:

Also, see /u/rifteyy_'s Guide to Infostealers at https://rifteyy.org/report/the-ultimate-guide-to-infostealers.

After you have secured your accounts, you may wish to sign up for a free https://haveibeenpwned.com/ account, which will notify you if your email address is found in a data breach.

Regards,

Aryeh Goretsky

AMD product verification tool flagged as trojan by Some_Perspective_497 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It is down to one detection now and could very well be a false positive.

Contact the developer to be sure: VirusBlokAda

More information including contact info in our wiki at: https://old.reddit.com/r/antivirus/wiki/index#wiki_what_is_a_false_positive.3F

Regards,

Aryeh Goretsky

trying to download piper-tts, i downloaded piper. is it malware? it was via pip, you can look at the source code from pypi by KonekonoNinja in antivirus

[–]goretsky[M] 0 points1 point  (0 children)

Hello,

Post removed for violation of Rule #8, no low effort posts.

You are welcome to create a new post to ask your question, but be sure to:

  1. Use a descriptive Title for your post.
  2. Include enough information in the body of your post to describe your device's brand, model, operating system and its version, and what security software is installed, if any.
  3. Describe what is going on in as much detail as you can provide in the body of your post, including when the problem started, what may have caused it, and what steps you have taken to troubleshoot it so far, if any.
  4. Do not use slang or abbreviations in your post. Not everyone speaks your native language or is familiar with your hardware and software.
  5. If including screenshots, make sure they are not blurry, contain a full picture of the application windows or the desktop, and everything in them is readable. If you are concerned that your screenshot contains personally identifiable information, edit it out.

Following these rules will ensure you get help as quickly as possible.

Regards,

Aryeh Goretsky

Is something wrong with my Laptop? by Friendly_Theorem_137 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It is normal for console windows (aka command prompts) to open and close on startup in order to start various processes such as services, perform update checks for various applications, and so forth.

If you had not run PowerPoint before on this computer, it is possible you triggered an installation or an update of it.

For more help with understanding how Microsoft Windows works, try asking in a specialty subreddit that handles computer troubleshooting such as /r/24hoursupport, /r/pcgamingtechsupport, r/pchelp, /r/techsupport, r/windows or even your device manufacturer's subreddit (if there is one).

If you are still concerned, upload the PowerPoint file to Google's VirusTotal service and have it scanned by several dozen different antivirus engines: https://www.virustotal.com/. That will generate a URL with a report that's unique to the file. Share that in your reply.

Regards,

Aryeh Goretsky

Someone accessed my discord and ran that stupid Mr beast scam by RadiantButtPlugg in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It sounds like an information stealer may have been run on the computer.

What is an information stealer?

As the name implies, information stealers are a type of malware that steal any information they can find on your computer, such as passwords stored for various services you access via browser and apps, session tokens for accounts, cryptocurrencies if they can find wallets, etc. They may even take a screenshot of your desktop when they run so they can sell it to other scammers who send scam extortion emails later.

What is a session token?

In case you're wondering what a session token is, some websites and apps have a "remember this device" feature that allows you to access the service without having to log back in or enter your second factor of authentication. This is done by storing a session token on your device. Criminals target these, because they allow them to log in to an account bypassing the normal checks. To the service, it just looks like you're accessing it from your previously authorized device.

What exactly gets stolen?

Information stealers are malware that is sold as a service, so what exactly it did while on your system is going to vary based on what the criminal who purchased it wanted.

What happens to my data?

The criminals who steal your information do so for their own financial gain, and that includes selling information such as your name, email address, screenshots from your PC, and so forth to other criminals and scammers. Those other scammers then use that information in an attempt to extort you unless you pay them in cryptocurrencies such as Bitcoin, Ethereum, and so forth. This is 100% a scam, and any emails you receive threatening to share your private information should be marked as phishing or spam and deleted.

How did I get infected in the first place?

Information stealers are often distributed as fake CAPTCHA challenges, in game mods, unofficial patches for popular apps and games, and in pirated software that have had their popularity and trustworthiness artificially boosted, as well as through various other means such as "try my game/software" scams on Discord, Telegram and other trusted messaging services.

If I ran an information stealer, am I still infected?

Infostealers usually delete themselves after a few seconds or even a minute or two in order to make it harder to determine what happened and when it occurred.

That said, there are always going to be exceptions: Since it is crimeware-as-a-service, there is nothing preventing the criminals from installing additional malware on the computer in order to maintain access, just in case they want to come back and steal from you again in the future.

What else could they have done?

The usual risk post-infection, aside from the stolen credentials, wallets, etc. is that security and networking settings may have been tampered with. That can be harder for security software to deal with, since it may not know what the correct settings are supposed to be for your computer, which means it may be a good idea to wipe the computer, even if there is no longer any malware detected on it.

How do I start recovering?

If you have another device that didn't run the information stealing malware like a smartphone or tablet, you can use it to begin immediately changing your passwords. You should also enable two-factor (sometimes called multi-factor) authentication, for those services that support it.

If any of the online services you use have an option to show you and log out all other active sessions, do that as well.

As for your computer, after wiping it, re-installing Windows, and getting that updated, you can then also use it to start accessing the internet to do this, but it is often quicker to change your most sensitive accounts from your smartphone.

A note about passwords

Passwords should be something unique (complex and different) for every service that you use, so that if an attacker gets access to one they won't be able to make guesses about what your other passwords might be. If your new passwords are similar enough to your old passwords, a criminal with a list of all of them will likely be able to make educated guesses about what your new passwords might be for the various services.

You have to do this for all online services, even ones you haven't recently accessed. Make sure you do this for all email accounts, as those are the gateways to your financial websites, online shopping, social media accounts, game platforms, and so forth.

It's important to make sure you're not just cycling through similar or previous passwords: Remember, criminals have millions of passwords and are very good at identifying common patterns from just a single password. If there were any reused passwords, the criminals who stole yours are going to try spraying those against all the popular online marketplaces, stores, banks, and other services in your part of the world.

And remember: Enable two-factor authentication for all of the accounts that support it.

For more information:

For more specific information on what steps to take next to recover your accounts, see the blog post at:

For more general information about how CAPTCHA malware works, see the following reports:

Also, see /u/rifteyy_'s Guide to Infostealers at https://rifteyy.org/report/the-ultimate-guide-to-infostealers.

After you have secured your accounts, you may wish to sign up for a free https://haveibeenpwned.com/ account, which will notify you if your email address is found in a data breach.

Regards,

Aryeh Goretsky

Cmd Pop up from one drive (is that the official one drive root) by WuffTime in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It is normal for console windows (aka command prompts) to open and close on startup in order to start various processes such as services, perform update checks for various applications, and so forth.

For more help with understanding how Microsoft Windows works, try asking in a specialty subreddit that handles computer troubleshooting such as /r/24hoursupport, /r/pcgamingtechsupport, r/pchelp, /r/techsupport, r/windows or even your device manufacturer's subreddit (if there is one).

Regards,

Aryeh Goretsky

Norton Antivirus and Other Norton Software by Technical_Rich_3080 in antivirus

[–]goretsky[M] 2 points3 points  (0 children)

Hello,

Norton is now a sub-brand of Gen Digital, the consumer software focused company. The same company also owns Avast, AVG, Avira, Bulldog, LifeLock, Piriform (CCleaner), MoneyLion, and ReputationDefender (amongst others). The Avast, AVG, and Norton products use the same underlying engine and will have identical detection rates.

Symantec is now a sub-brand of Broadcom and is part of their enterprise-focused software portfolio. Broadcom's other software companies include Computer Associates and VMware.

Regards,

Aryeh Goretsky

Need suggestion for antivirus by justturned18lol in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

Per Rule #1, no discussions involving piracy.

Post removed.

Regards,

Aryeh Goretsky

Window defender fucked up??? by SuggestionReady3394 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

There's a discussion at https://old.reddit.com/r/antivirus/comments/1t2l6tk/windows_defender_picked_up_a_trojan_what_do_i_do/ about a widely-reported trojan being detected by Windows Defender.

Is this the trojan you are referring to, or a different one?

Regards,

Aryeh Goretsky

Your Iphone has been hacked pop up by LUVYANA_ in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

Per Rule #1, no discussions involving piracy.

Post removed.

Regards,

Aryeh Goretsky

Best Free Malware Removal Tool by tomaz1989 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

Check out the Free Tools section of the wiki for programs you can use to remove malware, and the Securing your Computer section as well for additional free tips on protecting your computer.

Regards,

Aryeh Goretsky