/r/antivirus

Photograph via snooOG

For all of your Antivirus needs.

Welcome to r/Antivirus

Everyone:
1. Please take a moment to familiarize yourself with our [rules].
2. Check our regularly-updated [wiki] before posting. Last major update: 2024-OCT-25

The top rules are as follows:

  • 🆕This is a subreddit where people come for help with computer viruses and malicious software. Memes, jokes, and discussions involving politics are strongly discouraged.

  • Asking a question about a VirusTotal or Hybrid Analysis report? Include a link to it, not just a screenshot, or your post may be removed.

  • Do not post links to websites offering commissions, affiliate links, or sponsored installs.

  • Do not intentionally link to malicious sites (links to VirusTotal and Hybrid Analysis are fine). If you must post a link, please 'de-fang' it by breaking the URL up with brackets like so: https[:]//www[.]example[.]com

  • Failure to respect the rules and each other may result in a permanent ban.

  • If you see any spam or abusive messages, please use the report function to report it to the mods.

The complete list of rules can be found [here].

(Yes, that is a clickable link.)


Regular Users:
Welcome! You can get all of the help you need here, along with advice on removing any kind of malicious or unwanted software and choosing the right antivirus/internet security/endpoint protection for you!


Security Vendors:
You are more than welcome here, as long as you respect Reddit's Self Promotion rules, and are not pushing your product unduly. Do not abuse your welcome. Posting about Sales, Beta's, that sort of thing is allowed, but don't spam it. You are expected to participate in discussions where you can lend your expertise. Click here send a message to the r/antivirus mods so we can set you up with your company flair.


👉We Have a Wiki! (Click Here)

Our regularly-updated wiki contains all sorts of useful information, including links to reputable developers of antivirus/antimalware/internet security/endpoint protection/endpoint detection and response/{insert marketing-term-du-jour here} programs, information about specialized scanning and cleaning tools, information about security tests and testers, practical information on securing your devices and a glossary.

PLEASE CHECK THE WIKI FOR BASIC HELP + TROUBLESHOOTING INFO BEFORE POSTING.

/r/antivirus

86,236 Subscribers

2

Is Malwarebytes good av?

0 Comments
2024/10/31
18:02 UTC

1

I have random iPhone notification from avast blocking malware without being in any site

It happened while I was on the home screen. What can be the reason?

0 Comments
2024/10/31
01:33 UTC

1

infection of host machines from virtual machines

Can some malware infect virtual machine and then infect main machine?

1 Comment
2024/10/31
15:15 UTC

1

I no longer see the option to scan Kaspersky free

I no longer have the option to scan individual files in Kaspersky Free, I can only do quick or full scans. Does anyone know if they removed the option after an update or if it's a bug?

1 Comment
2024/10/31
16:32 UTC

3

PE Resource Parents on VT

Hi! I scanned official Malwarebytes Setup with VirusTotal. (https://www.virustotal.com/gui/file/eedb91d5c57418231eaf086f3739353392fa83267075bc50de2cabd11db66c1f/relations)

No viruses were found in the detection tab, but the Pe Resource Parents file was found in the relations tab with 63 detections. What is this file and is Malwarebytes Setup dangerous?

1 Comment
2024/10/31
16:22 UTC

2

Stand, a popular gtaV cheat

So about a year ago I looked into getting a mod menu for gtav online because the state of the game was absolutely unplayable unless you yourself had cheats, so everyone i talked to and every video I watched recommend a menu called stand, it's a paid mod menu service and I 100% download it from the right source and not some sketchy websites, unless you count the devs of stand being sketchy. We'll like everything i download. I ran it through virus total before running it, and there were two positives for a tojan, but every forum on stand claimed those were false positives. So months later, I stopped actively playing gtav, and I eventually got malwarebytes because I figured if I had messed up and accidentally downloaded something bad in my system, I'd like to know. We'll i did a full scan with malwarebytes and it too flagged stand as a Trojan, malwarebytes "quarantined" so my question is, should I be worried, is it all taken care of? I've never used malwarebytes before, so what does it "quarantining" the program actually do? Do i still have to delete the file, or did malwarebytes do it for me?

2 Comments
2024/10/31
15:25 UTC

1

Issues when trying to uninstall CIS using windows as well as the CisCleanup

I tried uninstalling Comodo multiple times but it always said: "cmdinstall.exe wasn't properly signed. Installation abroted." when using the CisCleanup or that it was blocked by an admin (when using the Windows uninstaller) although i'm the admin. Thanks for help in advance!

0 Comments
2024/10/31
14:15 UTC

4

Node File on my Desktop

Hello everyone , hope all doing good
I got hacked in the last week, and I installed antivirus and it deleted them, I used more than one

I used MalwerByte, KasperSky , and BitDefender, they cleaned my PC and whenever I scan it doesn't detect anything now.

Now I have seen a file called "node" on my PC, its an exe file . it appeared from nowhere on my desktop, I Scaned that file and it was empty and even used the antiviruses to check it, and It says that it's not a malware ,

I deleted it and then after a day it appeared again,

should I be worried and do something like clean install windows again , or its nothing ?

https://preview.redd.it/4yingw9zl3yd1.png?width=559&format=png&auto=webp&s=342232a6cae074a9ca67e67a86c5f5373d34820c

9 Comments
2024/10/31
14:02 UTC

1

Clicked a link in my google search bar, took me to a site which I'm stressed for

So I clicked a link and it took me to a site, people are going to be sus as to why its in my history but I honestly have no idea. It took me to a chaturbate site. I am stressed that the site is using my camera and streaming my camera to the site without me even clicking anything on the site.

https://www.virustotal.com/gui/url/8eb3a98b8cb5d227ecaacf3e573814007c3f09ca9995e65b0b3910958a9ca1fd

1 Comment
2024/10/31
13:35 UTC

6

Is it possible for this to contain a virus? Got a mini virus from a dirt cheap usb bluetooth adapter that broke my DLL files so kinda skeptical

27 Comments
2024/10/31
12:02 UTC

1

Topic: Seeking Help – Windows Defender Disabled, Possible Virus Infection

Problem: I believe my computer is infected with a virus. I’m unable to use Windows Defender or other essential security services, which seem to be disabled, and I can’t restart Defender or activate virus protection. It also appears that my Windows passwords and passkeys are being changed or deleted without my intervention. My computer is now attempting to operate all tasks as an administrator, which worries me even more.

What Happened: The problem started 2-3 days ago after I downloaded some suspicious files. Initially, everything seemed fine, but soon I noticed:

All credentials (bookmarks, saved passwords, Google accounts, etc.) on my browsers (Chrome, Brave, and Edge) were wiped. When I tried signing back in, certain credentials wouldn’t save, and only the PIN code remained for sign-in. Solutions I’ve Tried:

Ran antivirus programs like Kaspersky and Malwarebytes. Used utilities like Tron and RKill. Booted into Safe Mode with Networking and attempted various methods to enable Windows Defender and virus protection using regedit and services.msc. Changed all critical passwords using my phone. Despite these attempts, I’m still facing issues. None of the above methods restored Defender, and I'm hesitant to try other antivirus software promoted in YouTube videos due to concerns about their reliability.

Request for Help: Given my situation, I’m wondering if a full Windows reinstallation is the best course of action, or if there are any other reliable, safe steps I can try to clean my system entirely. I’d greatly appreciate any advice from those with experience in handling similar issues.

Thank you for any guidance!

6 Comments
2024/10/31
11:35 UTC

4

False postitive or virus?

McAfee shows this reason ti!a1c008247adc but the file is clean on virustotal. Is it a virus

6 Comments
2024/10/31
10:26 UTC

4

i think i got a trojan?

honestly i’m so scared i have a virus i don’t want my youtube channel to get hacked or any of my socials windows detected a trojan called win32barrys.pz! do i gotta fully reset my pc?

13 Comments
2024/10/31
09:18 UTC

1

Windows defender keep blocking tmp files

I have no idea why windows defender is blocking some files in C:\windows\temp with security level low it also blocks a .dll file from a preinstalled dell software in system32/drivers idk why anyone know why?

2 Comments
2024/10/31
08:29 UTC

1

Eset with Live Guard vs BitDefender

Hello everyone,

We are using ESET and we have about 55 installations. Since a couple of PCs have email access I would like to know what the experiences of ESET with Live Guard are compare to Bitdefender in term of protection - does anyone have experience with both products?

Thx

5 Comments
2024/10/31
07:53 UTC

1

How to figure out where a PUP came from?

I ran Malwarebytes and came up with PUP.Optional.WinZipDriverUpdater. Is there a way to detect where or what it came from? The file location was in user/downloads/wzdu53.

I read PUPs are adware and harmless which is why they are categorized as PUP and not malware. Is there anything I should do beyond quarantine them?

Would greatly appreaciate any help/input on the topic!

2 Comments
2024/10/31
05:31 UTC

1

Help need help with getting rid of qubscribe and combo cleaner

I looked something up on Mozilla Firefox and realized it was using qubscribe instead of Google.Looked it up in a secondary browser and brought me to combo cleaner, which I installed to get a pathway to malicious file. I just decided to delete all of Mozilla and combo cleaner from computer, but when uninstalling combo cleaner, it's asking to restart the pc stopped there to not do further damage just incase. Currently looking at installshield wizard will attempt to attach photo

https://preview.redd.it/10z2va94l0yd1.png?width=1920&format=png&auto=webp&s=6ad0257a9fc983ab12124bd58950614958f64631

Update Had to go to bed clicked restart to see what happens qubscribe is gonna after getting rid of all Firefox data and a fresh reinstall waiting on pc restart to see what happens.

0 Comments
2024/10/31
03:37 UTC

0

hacker made me type something into cmd and it installed a RAT but they only took stuff from my roblox accounts?

basically i was stupid and typed something into my cmd bar that i thought would help me with a problem i was having with an external fps booster but it put a RAT onto my computer and for some reason they only took stuff on my roblox account, my other accounts are fine however i changed all my passwords and even made a new email as well as cleaned my drive. am i safe and are their rats that do only specifically that? i only ask because i am still paranoid they have access to all my others things

5 Comments
2024/10/31
03:23 UTC

1

Should I be concerned or am I okay?

So I was sent a video and it was in a .zipx which I already thought was kind of weird, because why not just send me the video straight up? Double clicked that, and noticed the file inside was in a format I had never seen before, which was a .scr extension.

Thought it might be some weird video format I'd never heard of, but still kinda sus. Didn't do anything from there on, didn't even extract the file. Just searched up that extension and saw that it's an executable, most likely a virus. Deleted the entire thing, ran a scan with Malwarebytes, everything seems fine.

Still feel a little paranoid, though. Should I be okay?

Thanks!

2 Comments
2024/10/31
02:00 UTC

1

Trojan:Script/Phonzy.A!ml found by windows defender after running EXE file

I ran an EXE file and immediately this was detected by Windows Defender. I quarantined and restarted as it said. I have since run scans with defender, hitmanpro, and malwarebytes none of which detected anything. Looking at threat history on defender it shows me two instances one says threat quarantined and the other says remediation incomplete. What should I do now?

6 Comments
2024/10/31
01:16 UTC

1

Rav endpoint

Does anyone know how to delete this shit. I swear i uninstalled it and it came back

0 Comments
2024/10/31
00:23 UTC

1 Comment
2024/10/31
00:14 UTC

1

Email from hacker after virus on pc

I had a virus on my pc and after factory reset of my pc, including deleting all drive partitions, formatting all drives 3x, and even fresh usb installing windows 10 as reccomended by folks on reddit. I've secured the accounts on a separate device and all seems to be well besides this email.

https://preview.redd.it/m3q6bmowezxd1.jpg?width=1080&format=pjpg&auto=webp&s=0cb674514f8dead108b09e5e380f591c42c8b09d

6 Comments
2024/10/30
23:55 UTC

3

Malcrow - An open source scarecrow for Malware

Hello everyone! I've released the first version of my software called Malcrow. You can read more about it on my Github. It works to create fake processes, registry keys, and eventually services to mock an analysis environment to prevent malware from running.

I made this after coming across Cyber Scarecrow (a non open source version of this). The difference being is that I wanted to make an open source version that anyone could work on, use, or modify.

https://github.com/Babyhamsta/Malcrow

I wanted to share it here as it seemed like it fit, mods please correct me if not.

0 Comments
2024/10/30
23:36 UTC

0

ClamAV malware effectiveness in 2024?

How effective is ClamAV, deployed via Docker (ClamAV Official Image), for detecting and mitigating modern malware threats in 2024, especially with today’s evolving threat landscape? I plan to use it to scan file types like .DOC, .DOCX, .TXT, .PDF, .GIF, .JPEG, .JPG, .PNG, .TIF, .TIFF, .BMP, .XLS, .XLSX, .DOT, .PPTX, .PPT, .XPS, and .PICT. Given my tech stack in .NET, I’m seeking a solution that integrates well—are there specific concerns or limitations with ClamAV in this setup?

Any advice from recent users or suggestions for potential alternatives would be greatly appreciated!

I’ve tried ClamAV and have been pleased with the results so far; however, I’m trying to assess its overall effectiveness.

1 Comment
2024/10/30
23:35 UTC

1

Did I have a virus?

So I noticed every time I opened any game on my computer it would suddenly crash out any other programs open. Then a day later the game itself would randomly crash. Then missing textures were present in a game I was playing, finally all games insta crashed and chrome was spotty, tabs occasionally crashing. After looking through task manager and performing a malware scan and coming up with nothing, I uploaded some essential files to Google drive then reset my computer. So my question is A: does that sound like a virus, B: can I be certain it is gone after reset? For clarification the only recent changes I can think of to my computer was getting a new wifi adapter off Amazon and (after which several times while attempting to log off I'd get Switch USB is still running, force log off?) and I'd never seen that application before. Secondly I uploaded a game file to a slightly sketchy seed predictor site. Hadn't downloaded anything in months.

0 Comments
2024/10/30
22:06 UTC

2

Google and Phone number hacked?

Hi,so yesterday i downloaded blue stacks,an android emulator on my pc,on this emulator i logged in with one of my google accounts(with nothing on it)and evrything seemed fine,until today,when I receive security allerts from google that tell me,that the number associated to my google account(the one i used on blue stacks)changed,so I checked,(I didnt add any phone number to the account yet)and I found out that my phone number was now associated to that google account.I removed the number and changed the password(there wasnt any session on any device except from mine),but,since i had many services(also an other google account) associate with my phone number could they be hacked?And also,have i really been hacked?Because i think it may just be an error or something from google.

0 Comments
2024/10/30
20:54 UTC

1

Call Of Duty file detected as Trojan

This was detected by F-secure about a week ago, when i updated call of duty from xbox app.

Information from Antivirus (F-Secure)

Path : C:\XboxGames\Call of Duty\Content

File: rangrid. sys

Reason: Trojan.TR/Patched.Ren.Gen2

I have done a couple of virus scans after that, it did not detect anything again.

I am pretty sure it's a false positive, but what do you guys think?

3 Comments
2024/10/30
20:46 UTC

0

how to fully turn defender off?

is there a way to fully turn defender off when using a 3rd party antivirus? even when i have malwarebytes real time protection on some of windows defenders programs still show up as being used on task manager. i strictly want to use malwarebytes as it uses less resources

1 Comment
2024/10/30
20:42 UTC

1

I downloaded ae from a trusted website and got a trojan message

So basically I downloaded ae from a safe website and suddenly the windows defender showed "trojan detected" right after the installation finished and when I scanned again it showed "no threats found". I even opened Malwarebytes and scanned the entire pc and there were no threats found. Should I be worried or not 🤔

3 Comments
2024/10/30
20:28 UTC

Back To Top