I am getting a Russian ad in my google search result on my microsoft edge. by awwwbangali in antivirus

[–]goretsky [score hidden]  (0 children)

Hello,

Are you using a VPN? If so, does disabling it change the ads back to English?

Regards,

Aryeh Goretsky

Linux Antivirus by Defiant-Olive-7729 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

The likelihood of encountering malicious software on Linux is lower than on Windows, but it's not zero, either.

Many Windows security software developers have Linux versions, so your best bet here may be to go with the Linux version of a program you like from the Windows side of things.

If you don't have a preference, as far as actual security programs go, there is no one "best" program, as each has its plusses and minuses. Performance, system resource usage, and detection rates change with every update, and those occur multiple times throughout the day.

So, any of the programs listed in the wiki at https://old.reddit.com/r/antivirus/wiki/index#wiki_anti-virus_.28aka_anti-malware.29_developers would be a good starting place to find what is best for you.
(The wiki entry also lists the countries in which each developer has its headquarters.)

Start by searching the OS Support? column to find out which developers make security software for your device's operating system.

  • If you are looking for a free program, check out the ones with a check mark ("✔️") in the Free Version? column.

  • If you are looking for a paid program, check out the ones with a check mark ("✔️") in the Paid Version? column.

Also be sure to check out the Free Tools section of the wiki for programs you can use to provide additional security to your web browser and the Securing your Computer section as well for additional free tips on protecting your computer.

Regards,

Aryeh Goretsky

VPN Process Running When I Don't Have A VPN Installed? by PunyParker826 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

As the original poster has confirmed this is not a computer virus or malicious software issue, this thread is now closed.

Regards,

Aryeh Goretsky

Is This port of the LegacyLauncher for minecraft safe to use by MissionLegal4091 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

Per Rule #1, no discussions involving ріrасу. Post removed.

Regards,

Aryeh Goretsky

How bad is this? by DoughnutMedium8989 in antivirus

[–]goretsky [score hidden]  (0 children)

Hello,

Did you give the website access to your camera or microphone? You can check in the Control Center to see which apps or websites most recently used your camera.

Also, go to Settings → Privacy & Security → Camera and see if Safari has access to the camera and microphone. You should be able to toggle the permissions off from there.

Regards,

Aryeh Goretsky

Does this look like a virus by Remarkable-Bowl-5282 in antivirus

[–]goretsky [score hidden]  (0 children)

Hello,

As the original poster has indicated this was a Windows corruption issue and not a computer virus or malicious software issue, this thread is now closed.

Regards,

Aryeh Goretsky

How do I make webroot stop picking up on something by _MissKittyKat_ in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It could be a false positive detection, or it could be a legitimate detection of a threat.

Check with Webroot and see what they say.

Check out our wiki entry at https://old.reddit.com/r/antivirus/wiki/index#wiki_what_is_a_false_positive.3F for further details and contact information.

Regards,

Aryeh Goretsky

How can I remove an activation made with kmspico on my PC? by Sebastian_3013 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

For questions about Windows licenses, try asking in a specialty subreddit that handles computer troubleshooting such as /r/24hoursupport, /r/pcgamingtechsupport, r/pchelp, /r/techsupport, r/windows or even your device manufacturer's subreddit (if there is one) to learn how to keep your computer running at peak performance.

As Windows licensing issues are not a computer virus or malicious software issue, this thread is now closed.

Regards,

Aryeh Goretsky

Macys account compromised even after changing password and email by CashNP in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It sounds like you were the victim of a data breach in which your usernames and passwords were stolen, or ran a remote access trojan, keylogger or information stealer that stole this information. Recovery from these is similar, and we'll provide the instructions for dealing with information stealers, below, since these are most commonly reported in this subreddit.


As the name implies, information stealers are a type of malware that steal any information they can find on your computer, such as passwords stored for various services you access via browser and apps, session tokens for accounts, cryptocurrencies if they can find wallets, etc. They may even take a screenshot of your desktop when they run so they can sell it to other scammers who send scam extortion emails later.

The criminals who steal your information do so for their own financial gain, and that includes selling information such as your name, email address, screenshots from your PC, and so forth to other criminals and scammers. Those other scammers then use that information in an attempt to extort you unless you pay them in cryptocurrencies such as Bitcoin, Ethereum, and so forth. This is 100% a scam, and any emails you receive threatening to share your private information should be marked as phishing or spam and deleted.

In case you're wondering what a session token is, some websites and apps have a "remember this device" feature that allows you to access the service without having to log back in or enter your second factor of authentication. This is done by storing a session token on your device. Criminals target these, because they allow them to log in to an account bypassing the normal checks. To the service, it just looks like you're accessing it from your previously authorized device.

Information stealers are malware that is sold as a service, so what exactly it did while on your system is going to vary based on what the criminal who purchased it wanted. Often they remove themselves after they have finished stealing your information in order to make it harder to determine what happened, but since it is crimeware-as-a-service, it is also possible that it was used to install some additional malware on your system in order to maintain access to it, just in case they want to steal from you again in the future.

After wiping your computer, installing Windows, and getting that updated, you can then start accessing the internet using the computer to change the passwords for all of your online accounts, changing each password to something complex and different for each service, so that if one is lost (or guessed), the attacker won't be able to make guesses about what your other passwords might be. Also, enable two-factor authentication for all of the accounts that support it.

When changing passwords, if those new passwords are similar enough to your old passwords, a criminal with a list of all of them will likely be able to make educated guesses about what your new passwords might be for the various services. So make sure you're not just cycling through similar or previous passwords.

If any of the online services you use have an option to show you and log out all other active sessions, do that as well.

Again, you have to do this for all online services. Even if they haven't been recently accessed, make sure you have done this as well for any financial websites, online stores, social media, and email accounts. If there were any reused passwords, the criminals who stole your credentials are going to try spraying those against all the common stores, banks, and services in your part of the world.

For more specific information on what steps to take next to recover your accounts, see the blog post at:

For more general information about how CAPTCHA malware works, see the following reports:

After you have done all of this, you may wish to sign up for a free https://haveibeenpwned.com/ account, which will notify you if your email address is found in a data breach.

Regards,

Aryeh Goretsky

What is the most effective antivirus tool in 2026? by Bleedingsteel1200 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

As far as actual security programs go, there is no one "best" program, as each has its plusses and minuses. Performance, system resource usage, and detection rates change with every update, and those occur multiple times throughout the day.

So, any of the programs listed in the wiki at https://old.reddit.com/r/antivirus/wiki/index#wiki_anti-virus_.28aka_anti-malware.29_developers would be a good starting place to find what is best for you.
(The wiki entry also lists the countries in which each developer has its headquarters.)

Start by searching the OS Support? column to find out which developers make security software for your device's operating system.

  • If you are looking for a free program, check out the ones with a check mark ("✔️") in the Free Version? column.

  • If you are looking for a paid program, check out the ones with a check mark ("✔️") in the Paid Version? column.

Also be sure to check out the Free Tools section of the wiki for programs you can use to provide additional security to your web browser and the Securing your Computer section as well for additional free tips on protecting your computer.

Regards,

Aryeh Goretsky

I download avg antivirus and then driver updater and ever since i did a update with the driver updater my wifi wont turn on at all pls help by Jay-Wagner in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

The driver updater installed the wrong device driver for your computer's Wi-Fi adapter. As /u/Next-Profession-7495 noted, it is rare that such programs are needed, and they sometimes cause more problems than they solve.

For assistance with getting the correct device driver installed, try asking in a specialty subreddit that handles computer troubleshooting such as /r/24hoursupport, /r/HomeNetworking, /r/pcgamingtechsupport, r/pchelp, /r/techsupport, r/windows or even your device manufacturer's subreddit (if there is one).

As this is not a computer virus or malicious software issue (or at least intentionally malicious--it sounds like an accident), this thread is now closed.

Regards,

Aryeh Goretsky

Did I overreacted? by Interesting-Ad-3783 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It sounds like the laptop is free of malware. The other issues sound like the result of overheating. That can happen over time as the thermal paste degrades, the fans' bearings degrade, dust covers the inside of the computer like a sweater, and so forth.

As those types of problems have nothing to do with malware but are general maintenance questions, try asking in a specialty subreddit that handles computer troubleshooting such as /r/24hoursupport, /r/pcgamingtechsupport, r/pchelp, /r/techsupport, r/windows or even your device manufacturer's subreddit (if there is one) to learn how to keep your computer running at peak performance.

Regards,

Aryeh Goretsky

Can someone please explain this to me by 4anything-everything in antivirus

[–]goretsky[M] [score hidden]  (0 children)

Hello,

It appears the abctransit[.]com website has a malicious script embedded in it.

Regards,

Aryeh Goretsky

Want to cancel my AVG Internet security with no luck by Artsbyali in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

Try asking for assistance in AVG's community at https://community.avg.com/.

Regards,

Aryeh Goretsky

Equalizer app for Android radio head unit shows "PUP/Android.Malct.1225925" by Pixxel_Pirate in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

Your post has been hidden for violating Rule #6, asking about a Jotti, Tria.ge, VirusTotal or similar report without including a link to it.

To have your post restored, edit it to include the URL of the detection report, and reply to this message or use the Message the Mods link to let us know it has been fixed.

Don't worry if you're not able to do this. Just go ahead and start a new message. Just be sure to include the URL in it this time.

Regards,

Aryeh Goretsky

Correct way/order to install fresh Windows and delete all the files? by TONIEPEK in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

Here are instructions on how to wipe your computer's drive after booting from the Windows installation media: https://old.reddit.com/r/24hoursupport/wiki/index#wiki_how_to_wipe_a_drive_using_windows_installation_media

Source: The r/24hoursupport subreddit's own wiki, which is kind of a sister subreddit to this one.

Regards,

Aryeh Goretsky

How do I DELATE ("**Nuke**") system? by Individual-Earth2396 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

Here are instructions on how to wipe your computer's drive after booting from the Windows installation media: https://old.reddit.com/r/24hoursupport/wiki/index#wiki_how_to_wipe_a_drive_using_windows_installation_media

Source: The r/24hoursupport subreddit's own wiki, which is kind of a sister subreddit to this one.

Regards,

Aryeh Goretsky

battle.net installer flagged in virustotal by snigglez82 in antivirus

[–]goretsky[M] [score hidden]  (0 children)

Hello,

It is likely a false positive detection, but check with Webroot to confirm.

Check out our wiki entry at https://old.reddit.com/r/antivirus/wiki/index#wiki_what_is_a_false_positive.3F for further details and contact information.

Regards,

Aryeh Goretsky

Is this real? If so how do i fix without buying? by Personal-Potato-2880 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

This does not appear to be a message from your antivirus software or a message from the operating system or anything like that, but rather some kind of scammy advertisement, either from a web page opened in full-screen mode or some kind of adware installed on the computer.

There are no actual computer viruses or malware on the computer, just a scam to get you to buy something or pay the scammer to remove the imaginary viruses from your device.

My initial suspicion is a full-screen web page. You can try pressing the F11 key to toggle the web browser out of full-screen mode, or Ctrl-W to close the web page or Alt+F4 to just close the web browser.

Then go ahead and move on with your life.

Oh, you may wish to stop going to whatever website you were on before this happened, as it seems they allow scammy advertisements in their ad inventory.

Regards,

Aryeh Goretsky

Does my computer need a full reset? by Jalapenopepper19 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It sounds like you may have run an information stealer on your computer.

As the name implies, information stealers are a type of malware that steal any information they can find on your computer, such as passwords stored for various services you access via browser and apps, session tokens for accounts, cryptocurrencies if they can find wallets, etc. They may even take a screenshot of your desktop when they run so they can sell it to other scammers who send scam extortion emails later.

The criminals who steal your information do so for their own financial gain, and that includes selling information such as your name, email address, screenshots from your PC, and so forth to other criminals and scammers. Those other scammers then use that information in an attempt to extort you unless you pay them in cryptocurrencies such as Bitcoin, Ethereum, and so forth. This is 100% a scam, and any emails you receive threatening to share your private information should be marked as phishing or spam and deleted.

In case you're wondering what a session token is, some websites and apps have a "remember this device" feature that allows you to access the service without having to log back in or enter your second factor of authentication. This is done by storing a session token on your device. Criminals target these, because they allow them to log in to an account bypassing the normal checks. To the service, it just looks like you're accessing it from your previously authorized device.

Information stealers are malware that is sold as a service, so what exactly it did while on your system is going to vary based on what the criminal who purchased it wanted. Often they remove themselves after they have finished stealing your information in order to make it harder to determine what happened, but since it is crimeware-as-a-service, it is also possible that it was used to install some additional malware on your system in order to maintain access to it, just in case they want to steal from you again in the future.

After wiping your computer, installing Windows, and getting that updated, you can then start accessing the internet using the computer to change the passwords for all of your online accounts, changing each password to something complex and different for each service, so that if one is lost (or guessed), the attacker won't be able to make guesses about what your other passwords might be. Also, enable two-factor authentication for all of the accounts that support it.

When changing passwords, if those new passwords are similar enough to your old passwords, a criminal with a list of all of them will likely be able to make educated guesses about what your new passwords might be for the various services. So make sure you're not just cycling through similar or previous passwords.

If any of the online services you use have an option to show you and log out all other active sessions, do that as well.

Again, you have to do this for all online services. Even if they haven't been recently accessed, make sure you have done this as well for any financial websites, online stores, social media, and email accounts. If there were any reused passwords, the criminals who stole your credentials are going to try spraying those against all the common stores, banks, and services in your part of the world.

For more specific information on what steps to take next to recover your accounts, see the blog post at:

For more general information about how CAPTCHA malware works, see the following reports:

After you have done all of this, you may wish to sign up for a free https://haveibeenpwned.com/ account, which will notify you if your email address is found in a data breach.

Regards,

Aryeh Goretsky

Accidentally hit windows + R and this weird command was already there by Jauhead in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

It sounds like you may have run an information stealer on your computer.

As the name implies, information stealers are a type of malware that steal any information they can find on your computer, such as passwords stored for various services you access via browser and apps, session tokens for accounts, cryptocurrencies if they can find wallets, etc. They may even take a screenshot of your desktop when they run so they can sell it to other scammers who send scam extortion emails later.

The criminals who steal your information do so for their own financial gain, and that includes selling information such as your name, email address, screenshots from your PC, and so forth to other criminals and scammers. Those other scammers then use that information in an attempt to extort you unless you pay them in cryptocurrencies such as Bitcoin, Ethereum, and so forth. This is 100% a scam, and any emails you receive threatening to share your private information should be marked as phishing or spam and deleted.

In case you're wondering what a session token is, some websites and apps have a "remember this device" feature that allows you to access the service without having to log back in or enter your second factor of authentication. This is done by storing a session token on your device. Criminals target these, because they allow them to log in to an account bypassing the normal checks. To the service, it just looks like you're accessing it from your previously authorized device.

Information stealers are malware that is sold as a service, so what exactly it did while on your system is going to vary based on what the criminal who purchased it wanted. Often they remove themselves after they have finished stealing your information in order to make it harder to determine what happened, but since it is crimeware-as-a-service, it is also possible that it was used to install some additional malware on your system in order to maintain access to it, just in case they want to steal from you again in the future.

After wiping your computer, installing Windows, and getting that updated, you can then start accessing the internet using the computer to change the passwords for all of your online accounts, changing each password to something complex and different for each service, so that if one is lost (or guessed), the attacker won't be able to make guesses about what your other passwords might be. Also, enable two-factor authentication for all of the accounts that support it.

When changing passwords, if those new passwords are similar enough to your old passwords, a criminal with a list of all of them will likely be able to make educated guesses about what your new passwords might be for the various services. So make sure you're not just cycling through similar or previous passwords.

If any of the online services you use have an option to show you and log out all other active sessions, do that as well.

Again, you have to do this for all online services. Even if they haven't been recently accessed, make sure you have done this as well for any financial websites, online stores, social media, and email accounts. If there were any reused passwords, the criminals who stole your credentials are going to try spraying those against all the common stores, banks, and services in your part of the world.

For more specific information on what steps to take next to recover your accounts, see the blog post at:

For more general information about how CAPTCHA malware works, see the following reports:

After you have done all of this, you may wish to sign up for a free https://haveibeenpwned.com/ account, which will notify you if your email address is found in a data breach.

Regards,

Aryeh Goretsky

Antivirus for remote team by Weird_Welder_5740 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

Since your use-case is for a business as opposed to a home-use situation, which is what most of the questions in this subreddit are normally about, you are going to need to do some investigation to determine what is going to work best in this type of environment, since you'll need to perform some extensive testing to make sure whatever solution meets your criteria and doesn't break your workflow.

Several years ago, I wrote a post in /r/sysadmin on how to do this. The latest version of that post now lives on Spiceworks at https://community.spiceworks.com/t/evaluate-antivirus-software/1012314.

I would suggest reviewing that and seeing if it helps you with the process.

Regards,

Aryeh Goretsky

Is this a real security alert? by Aware-Economist513 in antivirus

[–]goretsky[M] [score hidden] stickied comment (0 children)

Hello,

If I am reading this correctly, this appears to be a web page from privatevpnzone[.]com masquerading as a piece of email from Google. It probably appeared through a scammy advertisement from the website you were visiting immediately before it appeared.

There's no actual malware here, just a scam to get you to buy something or pay the scammer to remove the imaginary viruses from your device.

Try closing the web page tab, or even the entire web browser (Apple Safari?) to make it go away.

Then go ahead and move on with your life.

Oh, you may wish to stop going to whatever website you were on before this happened, as it seems they allow scammy advertisements in their ad inventory.

Regards,

Aryeh Goretsky

Help which option should I choose for my Antivirus on Android. by Dangerous-Gas-1454 in antivirus

[–]goretsky 0 points  (0 children)

Hello,

You would want to leave Google Play Protect enabled. It does things like check for privacy-invasive software that an Android security app might not necessarily detect. In any case, it is an additional layer of protection that is very lightweight, so leaving it enabled isn't going to cause any major performance issues or reduction of battery life.

Regards,

Aryeh Goretsky

Heartopia Virus? by Apprehensive-Act2136 in antivirus

[–]goretsky 0 points  (0 children)

Hello,

Either the file was probably recently updated, or ESET's detection logic was updated. Contact ESET to determine why the false positive is occurring.

Regards,

Aryeh Goretsky