Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.


I have a client who had a scareware event with a threatening dialog that offered a number to call to "help him". I disinfected, as I normally do, with Adwcleaner, Malwarebytes, and Hitmanpro64, which usually does a nice job eradicating the beasts. Another has appeared that seems familiar, and so I'm concerned that I might have missed something. The dialog, which my client sent me, and I didn't myself experience, is attached.

My question is how can I find the source of that dialog, or others of that ilk, and know that I've removed it, or not, using the above system or another.

Your insights are appreciated.

How can I temporarily disable Windows Defender within Server 2016?

I don't want to uninstall or permanently disable Windows Defender.

I simply want to temporarily disable it and then I'll enable it again once I'm done.

How can this be done?
My question is about Virus, Malware and Phishing protection.

When I receive an Anti-Phishing alert from Bitdefender with computer name, IP, threat type (in this case anti-phishing), URL, action (in this case anti-phishing blocked), the timestamp for last blocked URL and number of attempts... WHAT should I do?

The alert is telling me that it detected some phishing activity on a particular site and blocked it. Right? Is that it? Does any/everyone need to be notified? I know responses may be varied and opinionated, I'd just like to get a general consensus or industry standard/best practices.

This website keeps popping up every time I try to load any web page. I have Malwarebytes but it's not catching anything. I am using Windows 7.

Hi guys,

We've found a Key Logger on someone's PC in our U.S offices. The trojan is Trojan.Boaxxe and it has indeed spotted 'Spyware.Ursnif' all over the place. We had some fraudulent activities occur in November 2017.

I've even included the snapshot for you of the findings. When I go to the .txt files you can see, it definitely has November dates which is when the frauds occurred. However, if I go to the 'Trojan.Boaxxe' location which is in the Appdata\Local\YJPack location, the date for that is 2015. I'm trying to work out when the actual keylogger was installed.

Is there any way of finding that out? And how on earth would a keylogger have been installed? Would it usually be through a manual installation or a possible script via phishing etc?

Thanks for helping
Malware removal and tools.  For several years Malwarebytes, gmer, autoruns, TDSSKiller, process explorer, and HJT were my go to tools for malware removal.  As of recently, it seems like Malwarebytes isn't catching as much as it used to and I was curious what are the top tools and order of progression in using them?
Android 7
I swipe and usually see this screen adware
1 month ago I installed battery optimizer app
And this adware started 1 month ago

Hi experts,

Three days ago I tried to use my standalone home computer running Windows 7 Pro. Its anti-malware software is MBAM 3.0. I clicked on the Start button and about 20 web browsers began to load. I continued to click the red x's as fast as I could and after about two minutes of battle with them, they were gone. I clicked on the Start button again, the menu came up which could BARELY be seen like a ghost, and the browsers popped up even faster. At the same time, thirty or forty print windows emerged. These were picked off a little easier by closing them on the task bar. The web browsers were a little more difficult, taking about 2 1/2 minutes to defeat. Of course, I figured malware. I suppose I wasn't freaking out, because I have backups and a total reformat wouldn't be that troublesome, although it is work I don't have time to do.

I didn't just do a hard reboot on the computer, because I wanted to somehow get to the A/V. I was successful at that, and a MBAM scan found seven things. The first six said Trojan.generic, while the seventh said Trojan.generic/suspicious. The interesting thing is that the path was to an application that is somewhat known for being flagged; not one you would have ever heard of. Maybe it should be excluded.

But, since these were quarantined, the behavior has been normal. I can try anything, and I can't cause it to hiccup. The strange thing is, after running another MBAM scan, bringing up SAS Pro and scanning and finding nothing, I …
I have a Windows 10 PC which I have just updated to the latest Windows 10 Insider Preview Build 1709 (OS Build 17074-1002). I now find my PC is haunted with hijacked web pages, unwanted ads, videos, music, etc. I never know where I am going to be misdirected and some sites I cannot access at all without being diverted. Ironically one site I cannot access is Experts Exchange without my PC going off in some adventure of its own.
I have done antivirus scans using Windows Defender and AVG Internet Security Suite. Defender did find some viruses which it dealt with but my problems remain the same. Can anyone suggest a way forward?
I did try to uninstall the latest Windows 10 update but could not do that either, screenshot attached.
How to remove ransomware SamSam or .weapologize extension?


I have been infected by some ransomware I don't know.

In the attached file is the readme file with the instructions to decrypt the files. Does anyone know the ransomware and how to decrypt it?

It seems to be a Xorist one, but the tool by Kaspersky doesn't work.

Any information will be welcomed.
Hi Experts

Could you point to a way to stop Malwarebytes from starting with Windows?

My intention is to start it by myself from time to time; the reason is the high consumption of MBAMService.

Thanks in advance
I ran a virus scan during the night, and received this result in the morning:

Trojan: BAT/Stravdri.A
This program is dangerous and runs commands from an attacker.

I deleted it and restarted the computer whereupon the computer worked much faster. But now I am not sure if there is an issue again, as it begins to get slow sometimes.

I have a large project I am working with that has a tight deadline and have no time to run more thorough virus searches. So I wonder if there is any quick measure I can take? My normal AV software (MSE) takes more than 24 hours to run a thorough scan with. Malwarebytes Pro did not find anything when I ran it two days ago.

I had someone use my credit card a few weeks ago, and had it blocked by the bank. Lost around 300 USD. It is possible it could be related to this.

I use Windows 7 Home 64-bit.
Dear Experts,

I have a client whose 2 PCs got infected.

When they go to yahoo webpage in Singapore -> Finance -> Currency Converter, there is a pop up at the bottom of the page.

Do you want to open or save OAD_Comscore_NoID2.js from

I went into Control Panel, Internet Add-Ons, Registry.

Malware scan also did detect it.

Any idea on how to stop this?
Hi all, my disk is full and several files are being created in windows\temp\
Please help, guys!
I'm having some PC troubles. I have a total of 3 hard drives connected. The other 2 hard drives store my videos, pictures etc. I ran NOD32 and Malwarebytes and they both said I was infected with Virus.Win32.Neshta. I noticed that I couldn't launch Google Chrome then VLC started giving me errors and my videos wouldn't play. I reformatted my hard drive and did a fresh install of Windows 10. After I connected back my other 2 hard drives and started reinstalling everything, I got a message from Windows Defender saying "something" "malicious" was blocked. I ran full scans with NOD32, Malwarebytes and Windows Defender. NOD32 thinks that almost everything, even files that I know are safe, is a Virus.Win32.Neshta. I didn't have problems like this a week ago so I'm trying to figure out where this is coming from. I'm guessing it's from 1 of the other hard drives but really don't know what to look for. Has anyone else experienced something like this? Strange.
Please provide me with the URL address to download Symantec Antivirus for a Server 2016 Active Directory domain controller.
One of my co-workers informed me that a family member received an error message on their Home MAC Laptop "Error #0x80072ee7". A good description of the problem is on this web site:

My co-worker actually called the number and someone was able to remote into his home laptop.  Afterwards he called me and asked me for my thoughts.  I told him it was a scam and not to trust that person or call that number again.  My co-worker informed me that even though the fake spam tech was on his wife's laptop for 3 minutes that same guy did not connect to his work MAC laptop (that is at home).

I want to scan every device that this co-worker has before he connects to our corporate network.  I researched an anti-virus that can be used for MAC/Apple Laptops and found:  

Then I would suggest that the co-worker use that anti-virus program for every other Apple device at his home.   For Windows computers I like to use Hitman pro; but, there are a lot of other programs as well.

I wanted to ask the Experts, if I should do anything else besides scan the co-worker Apple devices (Home and Work Devices)?  I am also thinking about having a little safe computing presentation for top executives of the company.  Even if their time is extremely important.

So my question is:

What should I do to make sure that the co-worker's devices are virus free before he connects with them to the corporate network?  SO…
Hi guys,

I see the PCMatic commercials, along with ALL of my clients.. I am a computer consultant that goes into homes & small businesses...

I do NOT deal with servers, just home computers.

How can these guys say they are 100% solution to protect against all threats?  100% against ransomware too...

Is this a good solution?  
If yes, why?         If not, why not?

Should I recommend to clients?

I know I have read they blacklist everything, so nothing gets through...

If they are sooo good as they say, why wouldn’t everyone be using??  

Thanks again, :-)

I'm looking at Cylance for my malware solution. We're all set to go with Malwarebytes. I'm confident in the latter being a worthy adversary for all the risk at here. But Cylance was brought up recently and I wonder if anyone has used it and what they think of it as a viable solution.
Sometimes legitimate websites such as for hotels or companies get flagged by my Malwarebytes Pro as scam websites (the websites get blocked):

"Malwarebytes blocked a suspected bad URL or an unwanted program."

In these cases, as I need to visit for example a hotel's website to make a booking, would it be safe to use a Chromebook instead? Or use another solution to visit this website?
in TrendMicro's  .dat file, I could issue  
  find/I "malware_name"  AVfile.dat
& it will list if a specific malware is found in it.

McAfee releases csv file (from its portal) the rulesets for various
vulnerabilities which I could search by CVE number.

I wanted to do the same with McAfee AV but from its  amcore.dat
is simply all binaries & won't return anything.  
Is there any method to check what malware/viruses it protects against
in the DAT?

A colleague told me McAfee don't permit its DAT file to be searched
& don't publish full list of malwares (not the new signatures updated)
for each DAT released, true?

Link below mention there's a way but when I login to McAfee portal,
don't see that option anywhere or I navigate wrongly:

Above link says:
Select checkbox for 'Malware Name' and enter DNSChanger for the search.
I am wondering if there is a good way to scan for hijacking code on a Windows 7 machine. The browsers are behaving funny, and something definitely is taking over the browsers. Symantec SEP does pick up a "web attack" when Internet Explorer is opened up, but a full scan does not reveal anything. Is there a better scanner out there? Should I not even waste time scanning and rebuild the machine? What's the consensus out there?

I could not download Combofix even though I have Windows 7 Home Premium (tried, but I was prompted to download Plumbytes Anti-Malware instead). I had the scan on whole night (took a long time), then the list included 27 threats (among them a hijacker, but which still was labelled as only a 50 % threat) which Plumbytes said can be removed only after I have purchased it.

Is this bogus, should I ignore these threats and delete Plumbytes?
Very strange, this morning when I turned on the computer I got a message that Malwarebytes (I have Pro version) has been turned off. When I turned it on, the option "Protection against malicious code" was switched off, and I can not switch it on! All other options are selectable and can be switched on, but not this option.

Last time I was in Manila I had similar problems with strange things happening. Then when I left the problems disappeared. And most often here in Manila I get warnings when connecting to the hotel wifi about insecure network or dangerous connection.

All kinds of small problems since 2 days when suddenly I got this problem with the message "Waiting for proxy tunnel" in Google Chrome and "TLS handshake" in Mozilla Firefox:

Other problems: Can not use Google API any longer for connection to Google Translate API for my CAT tool. Can not switch input language any longer. Can not run Windows Update any longer:

Other problems (continued):

Takes ages to save a text document or other document ("Not responding").
"Google has authentication problems" when logged in to Gmail.

Etc. etc. (new issues coming up all the time).

