Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is there a program that BLOCKS spyware/adware??


  • Please log in to reply
16 replies to this topic

#1 poppapug

poppapug

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:04 AM

Posted 29 October 2015 - 01:47 PM

I've just joined this forum and after searching the past posts I can't find an answer. I run Win 8.1 Pro system. Have current Bitdefender Internet Suite installed, also Malwarebytes Pro, as well as Spyhunter installed. All three programs, I believe, are considered to be among the best for virus/adware/malware/spyware protection. That being said, I encounter various spyware each time I scan the system with Spyhunter or Malwarebytes. Either will remove the items it discovers. Like my topic title says: Does a program exist that will BLOCK this junk before it latches onto my system?
 
Thanks in advance,
 
Poppapug :)

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:04 PM

Posted 29 October 2015 - 02:03 PM

Hi there,



If Malwarebytes Anti-Malware Premium does not work for you, there is the option of Emsisoft Anti-Malware. However using it with BitDefender Internet Security might be redundant since EAM also uses the BitDefender engine for scanning.

#3 Gorbulan

Gorbulan

  • Members
  • 832 posts
  • OFFLINE
  •  
  • Local time:05:04 AM

Posted 29 October 2015 - 02:04 PM

Spyhunter is no longer recommended by BleepingComputer. Apparently, the company that makes SpyHunter engages in aggressive and deceptive advertising. SpyHunter has been listed a suspicious program, and should be avoided.

 

Here is a link where quietman7 describes SpyHunter in full detail.

 

As for blocking adware, there isn't really a guaranteed way of blocking it. Technically, adware or PUPs are not as malicious as a trojan horse or virus, so they can get a pass from anti-virus/malware software. I think part of the reason is that certain software needs the adware to function. My roommate plays games that require the iWin adware.

 

I get adware junk sometimes too, but malwarebytes and adwcleaner take care of it for me. 


Edited by Gorbulan, 29 October 2015 - 02:06 PM.


#4 RolandJS

RolandJS

  • Members
  • 4,533 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:08:04 AM

Posted 29 October 2015 - 02:14 PM

  Some, but not all, malware/spyware can be blocked by a combination of anti-malware/anti-spyware programs.

After some trial and error, after some experimentation, one arrives at a close to but never reaching computer-nirvana.

Presently, my nirvana combine consists of: SpywareBlaster and Spybot S&D -- the portions that watch over and edit host file;

Emsisoft Anti-malware [payfor version], both Malwarebytes Anti-Malware and Anti-Exploit [payfor versions] -- shields ON.

In case anyone asks:  Avast and Avira Anti-Virus [payfor versions], quarterly alternating shields -- watch for viri.

[Addendum:  Nobody anywhere ever recommends having two AVs residing on the hard-drive.  Do not do as I do.]

  As Quietman7 and others will tell us:  ** the end-user is 80-90% of any security process **

While the above programs will help, Smokey the Bear revisited:  only YOU can [almost] prevent computer "fires'!


Edited by RolandJS, 29 October 2015 - 02:29 PM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#5 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:04 PM

Posted 29 October 2015 - 02:20 PM

OT: Roland, I think quietman7 has talked about not using Avira and Avast at the same time - even if they are not enabled at the same time. :)

It's because the kernel level components of different AVs will clash, even if you don't enable real time protection they will still be there and cause problems. That is why most vendors have removal tools so their drivers would not be left behind during an uninstallation and cause problems for future AVs.

Back to the topic at hand, safe surfing is the most important aspect of preventing any kind of infections, even PUPs. Don't let them in and they will not just randomly jump into your computer out of nowhere :)

#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 29 October 2015 - 02:25 PM

Spyhunter is no longer recommended by BleepingComputer.


I'm pretty sure that since Day 1, SpyHunter was never recommended by BleepingComputer's Staff since it has acted as a Rogueware since the day it was created.
 

As for blocking adware, there isn't really a guaranteed way of blocking it. Technically, adware or PUPs are not as malicious as a trojan horse or virus, so they can get a pass from anti-virus/malware software. I think part of the reason is that certain software needs the adware to function. My roommate plays games that require the iWin adware.


Adware are still considered malicious, so are PUPs. There's a difference between "malicious" and "dangerous". No malware get a "pass" from Antivirus or Antimalware software, ever. PUPs are the closest you can consider to an exception and even there, a lot of Security Vendors (like Malwarebytes and Emsisoft) offers you the option to consider them as plain malware and pick them up in the detections.

If a software really, really needs an adware in order to work, then it's a software that shouldn't be used and the author isn't doing something right. So your roommate is either doing something wrong, or playing a game that is doing things in the wrong way.
 

I get adware junk sometimes too, but malwarebytes and adwcleaner take care of it for me.


If you frequently get infected with Adware, it's because there's a hole in your security setup and it might not come from your Antivirus, Antimalware or Firewall.

Edited by Aura, 29 October 2015 - 02:25 PM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 Gorbulan

Gorbulan

  • Members
  • 832 posts
  • OFFLINE
  •  
  • Local time:05:04 AM

Posted 29 October 2015 - 02:50 PM

If you frequently get infected with Adware, it's because there's a hole in your security setup and it might not come from your Antivirus, Antimalware or Firewall.

 

It isn't frequent. I use adwcleaner whenever I install something new, even HP printer drivers. Sometimes I will get generic looking registry entries, which I am told are traces of adware. Can't be certain without uploading a log though, but it hasn't been a problem so I am not too concerned...yet. 

 

If a software really, really needs an adware in order to work, then it's a software that shouldn't be used and the author isn't doing something right. So your roommate is either doing something wrong, or playing a game that is doing things in the wrong way.

 

I agree, if it needs adware it should not be used. Tell that to my roommie. She is a casual gaming junkie and one of her favorites includes the iWin garbage. She can't use the game without it. Its one of the reasons why I keep recommending an iPad to her.


Edited by Gorbulan, 29 October 2015 - 02:50 PM.


#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 29 October 2015 - 02:59 PM

It isn't frequent. I use adwcleaner whenever I install something new, even HP printer drivers. Sometimes I will get generic looking registry entries, which I am told are traces of adware. Can't be certain without uploading a log though, but it hasn't been a problem so I am not too concerned...yet.


Depending on the Registry entries that are flagged by AdwCleaner, it's easy to look them up online to see if they are malicious or not. If you think that they are clean, you can report them in the AdwCleaner thread for the False Positives.

http://www.bleepingcomputer.com/forums/t/571313/adwcleaner-false-positive-reporting-topic/

I agree, if it needs adware it should not be used. Tell that to my roommie. She is a casual gaming junkie and one of her favorites includes the iWin garbage. She can't use the game without it. Its one of the reasons why I keep recommending an iPad to her.


You can ask her to register her and I'll personally send her a PM explaining her this :P

Sorry about the thread hijack poppapug but as I said before, if you scan your computer frequently and it always comes up with detection, it means that you either have a persistent piece of malware installed on your system, or there's a hole in your security setup that let these go through.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:04 AM

Posted 29 October 2015 - 03:19 PM

:welcome: to Bleeping Computer poppapug.

The full version of Malwarebytes Anti-Malware Premium (previous called Pro) includes a real-time Protection Module that uses advanced heuristics scanning technology to monitor your system and prevent the installation of most new malware, stopping malware distribution at the source. This technology dynamically blocks malware sites & servers, prevents the execution of malware, proactively monitors every process and helps stop malicious processes before they can infect your computer. However, no single product is 100% foolproof and can prevent, detect and remove all threats at any given time. The security community is in a constant state of change as new infections appear and it takes time for them to be reported, samples collected, analyzed, and tested by anti-virus/anti-malware researchers before they can add a new threat to database definitions.

Malwarebytes Anti-Exploit (MBAE) is an action level security application that runs in the background as a standard Windows Service and protects against, the malicious action of exploiting software vulnerabilities, blocks zero-day exploits that target browser and application vulnerabilities, blocks exploit kits and defends against drive-by download attacks.

Malwarebytes Anti-Exploit provides three layers of exploit protection (against Operating System security bypasses, memory caller protection, application behavior protection). MBAE continuously monitors popular applications, preventing vulnerabilities in software and browsers from being exploited, blocks unknown and known exploit kits, proactively preventing the exploit from installing its payload before it can do damage. This means that it will protect against code execution that uses a certain vulnerability in an application. MBAE leaves a small footprint...meaning it is not intrusive, does not utilize a lot of system resources and does not use a signature database so there is no need for constant updating.

Malwarebytes Anti-Exploit includes a 14-day trial mode for the Premium version which you can enable during installation by checking the box when prompted. Malwarebytes Anti-Exploit Premium includes additional protecton (Shields) for PDF readers, Microsoft Office (Word, Excel, Powerpoint), Media players and allows the ability to add/manage custom shields. The Premium version requires a registration ID and purchase of a license key after the trial period expires.

Note: There is no difference between the Free, Trial and Premium download files. The installer/setup for all three...Free, are the same. If you are installing for the first time during the install, it will ask if you want a 14-day trial mode. After the trial you can choose to continue using Free or upgrade to paid Premium. If you choose to continue with the Free version, then Malwarebytes Anti-Exploit will still continue providing real-time protection but only against web-based exploits in browsers, browser add-ons and Java.

Malwarebytes Anti-Exploit Resources:

 

 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 Gorbulan

Gorbulan

  • Members
  • 832 posts
  • OFFLINE
  •  
  • Local time:05:04 AM

Posted 29 October 2015 - 03:24 PM

 

It isn't frequent. I use adwcleaner whenever I install something new, even HP printer drivers. Sometimes I will get generic looking registry entries, which I am told are traces of adware. Can't be certain without uploading a log though, but it hasn't been a problem so I am not too concerned...yet.


Depending on the Registry entries that are flagged by AdwCleaner, it's easy to look them up online to see if they are malicious or not. If you think that they are clean, you can report them in the AdwCleaner thread for the False Positives.

http://www.bleepingcomputer.com/forums/t/571313/adwcleaner-false-positive-reporting-topic/

I agree, if it needs adware it should not be used. Tell that to my roommie. She is a casual gaming junkie and one of her favorites includes the iWin garbage. She can't use the game without it. Its one of the reasons why I keep recommending an iPad to her.


You can ask her to register her and I'll personally send her a PM explaining her this :P

Sorry about the thread hijack poppapug but as I said before, if you scan your computer frequently and it always comes up with detection, it means that you either have a persistent piece of malware installed on your system, or there's a hole in your security setup that let these go through.

 

 

No point if she does not understand, even in layman's terms. I have explained it to her before, she understands enough, but the priority is the GAME. Another reason to kick her on to iOS.

 

It doesn't always happen when I scan, but it has the past few times. Could be a security issue, but I am not so concerned as I need to do a total reinstall anyway, I bungled my last image. :(

 

Anyway...back on track now. OP read quietman7s post, #9. Good information.


Edited by Gorbulan, 29 October 2015 - 03:24 PM.


#11 Chris4835

Chris4835

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 29 October 2015 - 03:24 PM

I'm surprised nobody mentioned Spyware search and Destroy. I've used it for many years. And when you IMUNIZE, it blocks spyware from getting on your computer in the first place.

#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:04 PM

Posted 29 October 2015 - 03:29 PM

Spybot S&D's performance isn't good recently, and its TeaTimer functionality is difficult to use with normal users. There are other offerings that do a better job.

Its Immunize function can be replaced with other choices: The MVPS HOSTS file, Malwarebytes' hpHosts file, SpywareBlaster etc.

#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:04 AM

Posted 29 October 2015 - 03:30 PM

mvps.org and many security experts are no longer recommending Spybot S&D (or Ad-Aware) due to poor testing results and ineffectiveness against current malware threats.

Most people don't understand how to use Spybot's TeaTimer and that feature can cause more problems than it's worth. TeaTimer monitors changes to certain critical keys in Windows registry but does not indicate if the change is normal or a modification made by a malware infection. The user must have an understanding of the registry and how TeaTimer works in order to make informed decisions to allow or deny the detected changes. If you don't have understanding how a particular security tool works, then you probably should not be using it. Additionally, TeaTimer may conflict with other security tools which do a much better job of protecting your computer and in some cases it will even prevent disinfection of malware by those tools.

Spybot S&D Immunization feature is passive protection, meaning it does not run in the background. When you "Immunize", entries are added to Windows registry which blocks the storing of cookies from some sites, downloading of selected ActiveX scripts are blocked and a large number of sites known to contain malicious or unwanted software are placed in the restricted zone, by domain (site name) and by range (IP address). Hosts file protection is part of immunization...the "Global (Hosts)" profile typical adds about 15493 entries to the HOSTS file. However, the large size of the Hosts file created by immunization has sometimes been reported to cause problems such as a significant delay when opening Internet Explorer.

In the past there were issues with incomplete immunization when using that feature on Vista/Windows 7 with certain anti-virus programs and other software. Also be aware that ActiveX is not supported by Firefox, so there is no need for this protection if you use that browser.

A better alternative is to use SpywareBlaster which does the same job on a larger scale...places sites in the restricted zone, all by domain (site name), prevents the installation of ActiveX and more. In previous versions Spybot would tell you if SpywareBlaster was installed on your computer that it offered more control over your settings by letting you add and remove sites very easily.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 RolandJS

RolandJS

  • Members
  • 4,533 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:08:04 AM

Posted 29 October 2015 - 03:45 PM

Quietman7, you're right as rain!  I used to enjoy having Spybot 1.62 working!  Now, it's Spybottle 2.2.  However, one still has to know quite a lot of geek stuff in order to make any meaningful change[s] in SpywareBlaster [not to mention SpyBottle].


Edited by RolandJS, 29 October 2015 - 03:46 PM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 29 October 2015 - 04:30 PM

Spybot S&D's performance isn't good recently, and its TeaTimer functionality is difficult to use with normal users.


On top of which the TeaTimer feature will often interfere with the tools we use here at BleepingComputer (and that are used on other tech support forums) for support and malware removal.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users