/r/computerviruses

Photograph via snooOG

Sub-reddit dedicated to questions about computer viruses.

News about Viruses, Spyware, and Trojans, Including tips and advice.

Please feel free to post questions or concerns regarding virus issues. Remember that all users here are not confirmed qualified computer specialists, take all advice at your own risk.

Please do not message mods directly for virus support, post in the subreddit.

Primary Rules of the Subreddit:

  1. Please do not try to ask for any assistance or support in creating and/or finding viruses, we are not here to contribute more to harmful programs.

  2. Do not post files or download links to any file. Especially if you're not sure if it's a virus or not. This will result in a ban.

  3. Do not post links to random websites unless they are well-known and safe websites. If the web link ends up in a potential virus-ridden site, this can also result in a ban.

  4. Always remember to follow Reddiquette

Looking for virus/malware protection? Check out these links!

Malwarebytes Anti-Malware

AVG Anti-Virus

Avast for PC

Avast for Mac Computers

/r/computerviruses

17,888 Subscribers

1

Any tips on removing a browser hijacker

I have noticed some of the common sign of a browser hijacker for a day now, i've had this issue for a while but it stopped for a while untill yesterday, any tips on removing one?

I'm sick of my search engine being set to yahoo.

0 Comments
2024/12/02
14:00 UTC

1

Adware and maybe more?

Bitdefender Blocked something called like adware.popunder and i saw that it blocked other files that didnt have names and it looked like a .dll file while browsing. I did a full scan and found 2 adware popunders were removed but I ran a hitman pro scan to be sure and it found a suspicious .dll file in opera browser. I was using firefox at the time and the Opera file says it was made 6 days ago but idk if they are related. I uploaded it to virustotal and it seems fine but idk if im completely safe.

https://www.virustotal.com/gui/file/fc6f558d25a24d661a7d289b51f350c4127da4f5f86b6066f3b0ce8449c62d87

0 Comments
2024/12/02
10:29 UTC

0

Help with a wird virus that i accidentally installed.

I accidentally installed a virus, ran the .exe and everything, I don't know exactly what it is, I deleted it and changed my passwords, I checked my connections to see if I have spyware or something, but everything looks normal, it doesn't seem to have done anything at all, but I'm still worried. I attach pics of the files.

This is the virus folder

with 7zip I was able to open the setup.exe files

inside the rsrc folder

inside the 0 folder

inside the first x86 folder

inside the x64 folder

Can someone who knows about the subject tell me what changed on my computer and how can I reverse it?, Should I format my computer? Does anyone know how to keep my important files? If you need more information or the actual virus files let me know.

8 Comments
2024/12/02
09:58 UTC

2

Help with a file

There is this file that I can download, it is off file2share.co. It is a ZIP file, how do I know that it is safe. I ran it through virustotal and it said 1/96 security vendore flagged this url as malicious. The one that it said it could be malicious was CRDF. When I click on the IP address it says 0/96 (so safe). But there is one community vote saying -1. So I do not know what to do. The website is a fairly new website. It seems safe, But I am not sure. It is similar to another somewhat popular website. Trying to hide its IP on WHOIP.

Any help would be appreciated!

0 Comments
2024/12/02
05:42 UTC

0

HELP I AM FREAKING OUT!

(I was on private browsing if it helps at all!) So i was on a website, when i left it, I saw another tab on my iphone that said "security breach" I did not click on it and only pressed "x"

IS MY PHONE STILL SAFE?!

Also side note, HOW DO I CHECK IF MY PHONE HAS A VIRUS I AM SCARED

20 Comments
2024/12/02
05:15 UTC

0

I think I might have been hacked

Earlier today, my pc suddenly disconnected from the internet. All other devices on the network were fine. Eventually I found out that while I was playing minecraft, something had caused my pc to completely ignore all network devices

3 Comments
2024/12/02
00:31 UTC

0

what is WIN32/Offercore.b?

Sooooo I wanted to install cheat engine, and it showed me a few times, for example when I wanted to put it into virus total or to open it (thankfully I didnt proceed when windows showed that alert about unwated apps). I removed it (or at least I think) using nod 32. Is it really removed and what it is?

2 Comments
2024/12/01
21:30 UTC

1

Is it weird for my laptop to do things on its own sometimes?

Sometimes when I’m watching something late at night the video will pause on its own or sometimes it’ll just switch to a different tab on its own. I’ve chalked it up to the computer doing computer things but i am starting to get suspicious of my laptops behaviors.

1 Comment
2024/12/01
21:25 UTC

0

How the hell?

Brand new computer (2 days ago)

Ordered a product from this webshop X yesterday (30/11)

Today I received three different spam mails containing that webshop X name and "how I suddenly won some prizes" even in my local langauge. I never received any mails regarding that webshop X in the past.

How is that even possible? Cookie stealer? Tracker?

3 Comments
2024/12/01
16:20 UTC

0

IS TUMBLR PASSWORD RESET LINK SAFE?

I went to reset my Tumblr account password to delete it, and the link they sent me to reset the password has this warning:

https://preview.redd.it/wrwoviegs54e1.png?width=678&format=png&auto=webp&s=b8ebb5eeacf685353670bc3c8c7230eba6edf6d7

It says, “Microsoft recommends that you do not continue on this site. It has been reported to Microsoft for containing phishing threats that may attempt to steal personal or financial information.” But man, I need to delete this account, I don’t want to use it anymore, and there’s no other way than to access the password reset link.

5 Comments
2024/12/01
03:48 UTC

0

Hi,can anyone please draw me a picture of a team of a bomb with a you are an idiot face in it?

8 Comments
2024/12/01
03:27 UTC

0

please tell me if this is a virus!

I currently wanna install an ISO of a Taco Bell promotional version of a game called My Sims. And I just wanted to know if this particular iso contains any viruses. https://archive.org/details/mysims-taco-bell-promo-pc

6 Comments
2024/12/01
02:24 UTC

2

Does anyone know why my discord is still screen sharing I have the app closed and haven't been on a call in 2 days, im worried this may be a virus?

6 Comments
2024/12/01
01:13 UTC

1

Avast one picks up cmd prompt as a virus

I use multiple antiviruses but for some reason once or twice a week one of them (Avast one) picks up cmd prompt as a virus and I have no idea how do I get rid of it or is it just somehow a false positive and I shouldn't worry about it?

Things I've done:

  1. Run the Hitmanpro scan
  2. Run full Malwarebytes scan with rootkits enabled
  3. Run full Avast one scan and also a boot scan
  4. Windows Microsoft defender offline scan
2 Comments
2024/11/30
14:33 UTC

0

I ran RobloxCrashHandler.exe

is it any type of any harmful stuff (official from roblox version) i tried it opening but it didnt launch so im scared

5 Comments
2024/11/30
11:51 UTC

2

is this a virus

Installed an autoclicker for a game on github and this keeps showing up. Bitdefender is saying its wscript.exe file in system 32 and it is marked as a "potentially malicious application" but I can't delete it because i don't have permission since I'm not the TrustedInstaller.

I already deleted the silently folder from Roaming so I'm not sure what to do now.

Any help would be greatly appreciated

https://preview.redd.it/gp1vb79hhy3e1.png?width=582&format=png&auto=webp&s=3c10a1e2e9fd577a024eaa81c060f7ca9ea717bf

https://preview.redd.it/zn1md20jhy3e1.png?width=476&format=png&auto=webp&s=08731ef09a9878302f2b6c7a30f0353ced2c75ab

12 Comments
2024/11/30
03:09 UTC

2

Factory reset viruses remain?

I saw people saying that on factory reset unless done by usb viruses remain but there is the option in windows cloud download vs local reinstall. Shouldnt cloud download be as good as usb way

3 Comments
2024/11/30
00:53 UTC

2

was this a virus or a something else?

Randomly a photo that I was viewing kept copying and the page on steam kept spazzing out, and icons from desktop kept moving on their own than user page of windows 10 opened and closed, I shut it down, turned it back on and everything seemed normal despite my malwarebytes having high usage in memory and microsoft text application for a second and later dropping down in usage? Was this spyware or something else?

EDIT: I did a scan with malwarebytes and nothing was detected, Still have so many questions though.

3 Comments
2024/11/29
22:08 UTC

4

The computer will not stop turning on

Hello I am looking at my younger brothers pc and for some reson it will trun back on and will open up hunter call of the wild at random times and I don’t know if he is just leaving it on or if it is turning itself on and opening the game some how

19 Comments
2024/11/29
21:56 UTC

2

Help to check if I have a compromised laptop with remote access issue

Looking for some advice on whether my Windows 11 laptop has some kind of remote access concern.

 Maybe once a month or so my (wireless) mouse randomly starts moving, whatever I have opened it get minimised and maxisned for example. As I try and move the cursor, to try and control it, it moves elsewhere. Random icons or app are clicked, resized, the listing of folders are adjusted. All strange stuff.

I try and turn off the WiFi but I can't even move the cursor to bring up those settings. In the end I turn off my machine or go and turned off my internet router.

So I am unable to check task manager when it occurs for anything odd there or with a high CPU %

 

Things I have tried to investigate this:

Checked to make sure Windows 11 is up to date

Run a Windows Security Virus Protect Check and made sure all the setting were on. There is nothing listed in the Exclusion section.

Did a Malwarebytes, HitMan Pro and a CCleaner scan - which find nothing.

Searched to see if there was any remote access software installed: TeamViewer, Anydesk and Tightvnc

 

Nothing usually pops up when I boot up the laptop.

Reading up and saw to check the Windows Defender Firewall, for In/Outbound rules. But the lists for both are long and not sure what to be checking for.

Also, to install the MS TCPView, but again not sure what I need to be looking out for, when viewing by Remote Address.

 

I only use the laptop and haven't installed any new software recently.

 

When I looked through the Task Manager, I just found two listed that had a pause icon, is there something cuss or all OK? Attached screenshots of what they are.

 https://imgur.com/a/EmqfCta

All previous times this has occurred was while at home but the latest was while at work. I just realised I had my Bluebooth settings on. That should not be an issue but thought I would mention it.

 

Any guidance or help on what to check next would be most grateful.

2 Comments
2024/11/29
21:15 UTC

Back To Top