

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.

I would like to know why Brave Browser is being blocked by MWB. How can that be fixed, since it is not malicious software? See Video.

Thank you,
Basem Khawaja
Connectify converts a PC to become a Hotspot.

My Trend Micro OfficeScan treats Connectify (trial copy) as malware,
though Malwarebytes doesn't treat it as such.

How can I make OfficeScan whitelist it or deem it non-malicious?
Hi experts,

Currently I am running Windows Server 2016 Standard with Hyper-V and two VMs. One VM is for RDS and one is for Windows Essentials for databases and the domain controller. The client computers remote to the remote desktop server.

The two VMs are backed up by Veeam and the Hyper-V server as well as the two VMs have Windows Defender for A/V. I also use O365 with Advanced Threat Protection. But, I think I would be better off with a more robust anti-malware program to protect for 0-day malware, ransomware and other security functions. Trusting users with email and website drive-bys seems like an invitation to ransomware. The only protection I have currently is Windows Defender and backups including the cloud and air-gapped storage. For completeness, I am using pfSense for my router/firewall.

My question relates to choosing the best Anti-Malware program. I have looked at quite a few including ESET, MalwareBytes, Sophos, etc. but the amount of choices and technology and how they are presented on their websites is confusing at best. I have tried to look at reviews of many of the programs, but many of the review sites look more at home versions.

I was wondering if a) anyone has ideas as to best set up security for my network, specifically the two VMs and if there are any sites you would recommend to gain information about the anti-malware programs. This network setup -- similar to the old-style thin clients except with full workstations is completely …
The user's Windows 10 computer has run out of free space, and WinDirStat reports 91% of the drive space is taken up by <Unknown>
MalwareBytes ran last night, scanned 455,380 files, with no threats found.  This scan took 4 hours and 10 minutes
I installed the latest MalwareBytes update this AM, and I assume that I have another 3 hours for that to finish.

The only major change that the user recalls is that a Cloud 9 connection to what appears to be a virtual desktop was installed around the time they noticed the computer slowing down.

How should I proceed?   Thanks.

91percent of drive used up by unknown

Please suggest any antivirus SW for an Android phone like the Huawei Mate 20X?
I’m staying in a hotel and I opened my MacBook, without thinking. I entered my room number and such to acquire WiFi.

How can I tell if it has been infected with backdoor software?
I think I looked at my email.
What alternative would you recommend either open source or paid to replace Symantec Endpoint Protection for a network,
or Malwarebytes Endpoint Protection which runs on a network.
Thank you.
The user claimed he clicked on an email attachment
for the AV alert below (his PC is Internet segregated), but I have doubts: would an email attachment be saved under ...windowscommunicationapps... ?

Threat location: C:\Users\johnnyr\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\1\Attachments\File[14327].doc
Threat name: Trojan.W97M.POWLOAD.SMAF3
Hi Experts!

Being overly cautious here and wanted your opinion. I received the following (ransom) email below and thought it was suspicious. From what I can find on the web this looks like a phishing attempt (somehow gotten a hold of my email and old password from somewhere). On my desktops and laptops we have the paid versions of Avast Premium Security and MalwareBytes. Both are scheduled to run daily, and Windows Update is always on. We primarily use Google and that self-updates. My email account has had MFA enabled for a while; so I know this person cannot access my email?

After getting the email I manually scanned the desktops and laptops with Avast and MalwareBytes. Nothing found. Downloaded and ran Spybot Search and Destroy and nothing bad found.

My thought that this is a phishing attempt is because if you have control over my computer why don't you lock it and demand payment instead of this email?

Here's the email:

Recorded You <recordedyouXXXX@XXXXX.com>

Nov 18 at 1:30 AM

Hey, I know your password is: HeknowsMyPassword

Your computer was infected with my malware, RAT (Remote Administration Tool), your browser wasn't updated / patched, in such case it's enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more - Google: "Drive-by exploit".

My malware gave me
BitDefender is deleting my computer ID. Thus every time I log into various sites, I have to do two-factor authentication. Not sure what the setting is called or what to look for to disable it or not have it run every single night. My computer is locked down and doesn't have any passwords remembered etc. so I feel comfortable turning this off.

Any ideas what I look for?
We had a non-critical server get infected with the Cheetah virus. I have run Sophos and Malwarebytes and neither has fixed it. I can change the extensions manually but that will take forever.

There must be a simple solution that one of you have tried.   HELP!
My Google searches seem to have been hijacked

Every query comes up Search Encrypt

And the contents are not Google search results.

What's going on??
Mysterious Z: drive in Windows 7. Client called today with Excel files missing from documents and instead all of the files he had deleted some time ago returned. I have removed the unwanted files, no problem there. The missing files were in the apps\roaming\Microsoft\network folder. This is a stand-alone PC, what would move them? Next I noticed a Z: drive??? The drive has the same physical space used and capacity as C:, but doesn't have the same contents. The Z: drive doesn't appear in the registry or Disk Management. There are not 2 physical drives in the machine. Norton is the AV and failed to detect (Full scan) Poweliks. Roguekiller, ADWcleaner and the virustotal.com website detected the virus. I believe things are cleaned up now, but I am still suspicious of this Z: drive. It only contains log files and copies of PDF files (From documents). The logs were updating as of this morning. They don't appear to be updating this afternoon yet (Post removal of virus).

I was wondering if EEs could give me some suggestions for managed AV software. I have tried Norton, AVG, BitDefender (current), Webroot, Kaspersky; viruses kept on slipping through.

Any ideas?  thanks
Google hijacked by https://www.searchencrypt.com/search?eq=7buN3wW%2BTmjyobKDgBD8X643alvLjHyhwe8LPxbEnaE%3D

Every time I search using Google in Firefox I get this crap.

In Chrome, it works fine.

How do I get rid of this & prevent it in the future?

Somehow, when I go to google.com, I now get this.


How do I fix that?

I'm using Firefox, I don't have time to try other browsers.

Hello Experts
I would like to collect the following Threat Artifacts from a compromised Windows System:
  • CPU
  • Routing-, ARP- & Process tables
  • Memory
  • Temporary files
  • Relevant data from storage media
What would you collect? Is there any best practice from NIST or anywhere?
Thanks a lot
Hello Experts
For our Security Operations Center (SOC), we are searching for a tool that can collect “Threat Artifacts”. When I worked with McAfee in the past, they used GetSusp to collect information about undetected malware on their computer.
We are searching for a similar tool that we can use in the network to collect information remotely. What would you recommend? It would be nice if the tool would work on Windows & Linux, albeit this is not a must.
Thanks a lot
It's not uncommon to go to a website that gives you a frowny face and guilt-trips you with "We see you have an ad blocker. But that's how we make our money." So then if you really want the site you can whitelist them. And then typically you forget about it. Is there any way to tell in what ways the sites have taken advantage of your whitelisting? If they gave you spyware or something else malicious can you trace the malware to the site that gave it to you?
Does anyone know of a tool that can successfully remove EMOTET?
Hi guys

I've installed an anti-theft application on my laptop, in case some thieves break into my home and take it (there's been burglaries in the area). I'm trying to think further down the line. The issue I have with these applications is that if someone takes my laptop, they may be cunning enough to take out the disk inside at which point, I can kiss goodbye the anti-theft application I installed.

Are there any tracking devices out there that I could plant into my laptop, to locate it in the event of an unfortunate event?

Thanks for helping
Hello, I have a Windows 10 system where a pop-up in the right corner of Windows keeps appearing with oload.club virus removal. If you click on it, it takes you to a webpage doing a scan, so I assume it is malware or a virus. I ran Malwarebytes, McAfee and MS Defender with no luck .... any suggestions on removing this?
Windows Defender Service pegged 100% CPU. Any way to fix it? Do I need to reboot the VM?
This is Windows Server 2016 Standard edition. Single CPU, 8 GB RAM.
I’m trying to compare the two solutions, between Webroot anywhere secure with DNS protection or Sophos InterceptX advanced with EDR.
I do have a Sophos Firewall, but I’ve been using Webroot for now and just tested InterceptX and I have to decide which route to take.

Does anyone have any recommendations?
The client complains about the expense on antivirus software. What solution are you using for a company running over 150 computers?
This client has been using Trend Micro for over a decade, which is installed on servers and PCs. Every year when renewing the software, the client always questions
- Is there anything cheaper but doing the job?
- Can we disable internet access on certain computers and save the license on them?

I am so fxxking annoyed.

