• Why is there no real anti-spyware tool out there?

    #503179

    You will love me for this: anti-virus software is a joke. We don’t get viruses anymore, unless we stupidly open a link in a scam email.

    We get SPYWARE. MALWARE. CRAPWARE. Whatever you want to call it, it’s not virus-ware, and it comes in easily through various websites… many of whom do not even know they’ve been infected. These creeping bits of code often even wait until the next day when you restart your PC, so you can never tell where they sneak in from.

    They attack your search engines and your browsers, and some install up to 15 or more pieces of crapware on your PC.

    There are several tools for “after the attack”, but there is not one single tool that works to PREVENT this stuff. Installing a paid version of any antivirus tool to get better protection is pointless, because they don’t provide it.

    What really burns my ass is the big emails like Yahoo and Hotmail (or whatever MS is calling it these days). So many millions of people have had their address books hacked and their passwords changed, it really boggles the mind. And there isn’t a single explanation from those companies. Look, there’s no way these people have been hacked from their own computers unless keystroke-loggers are installed. And of all the folks whose PCs I’ve looked into, those who have had their contacts stolen and their passwords changed, not a single one has had a logger installed.

    I can only surmise two things: one, that it’s the Yahoo and Hotmail servers that are actually being robbed, and those companies won’t tell us that, ever, and two: perhaps there exists spyware that puts a keylogger only in RAM, so we can never catch it.

    So my question is: how come? Why is no one looking at ways to prevent this continuing and massive onslaught? And why does no one ever talk about it seriously? The weak solution of sandboxing your browser is pointless, because it makes life so difficult when surfing… and because there are millions of day-to-day users who would never figure that out, anyway.

    • #1537569

      Whether you like it or know it or not, these are all programs that you’ve installed on your system.
      They most often come bundled with other “freeware” applications.

      So the question is:
      Why are you not as careful with what you are willingly installing on your system as you are about the viruses you want to keep off?

    • #1537570

      To whom are you addressing your question? Me? Or the world at large?

      If me, then the answer is twofold: one, these are most definitely not programs I’ve installed on my system. (How could you even ask that… you have no idea what is on my system. You are assuming I am stupid enough that I don’t check the dialogue boxes when I am installing something.)

      Two, the answer to your first statement makes your question illogical. But I should add that you’ve made a massive assumption here, and I find that odd coming from a moderator.

      And finally, I have no spyware or other crapware on my system, period.

      Sorry, FINALLY, I don’t see an answer to my original question. So might I ask why you bothered?

      • #1537584

        “Two, the answer to your first question makes your second question illogical.”

        mmmph can only count one question.
        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
        • #1537592

          “mmmph can only count one question.”

          True, apologies. Edited to reflect 1. statement and 2. question.

          But not really helpful in my quest.

    • #1537576

      Two programs you can have a look at and they are HitmanPro.Alert and Trusteer Rapport which are browser guards, with the latter’s installation insisted upon by some banks.

      Another is CryptoPrevent but I wouldn’t recommend that because it seems to take over your computer, but the choice is yours.

      A Google for such programs may glean some more, but they are the only three that I know of.

      Instead of having a rant, why not just ask if anyone knows of such programs….

      • #1537581

        “Two programs you can have a look at and they are HitmanPro.Alert and Trusteer Rapport which are browser guards, with the latter’s installation insisted upon by some banks.

        “Another is CryptoPrevent but I wouldn’t recommend that because it seems to take over your computer, but the choice is yours.

        “A Google for such programs may glean some more, but they are the only three that I know of.

        “Instead of having a rant, why not just ask if anyone knows of such programs….”

        Trusteer is used by financial institutions to protect traffic, but does not offer support against any kind of spyware. Hitmanpro.alert is new to me, but it is also banking trojan software. I will try it, thank you, to see if it offers support beyond that kind of site.

        As to the rant, sorry you see it that way. It’s my way of focusing the conversation on what’s really important, and what’s being ignored. As a repair guy, I see hundreds and hundreds of afflicted computers. There needs to be a heightened awareness. So I included my opinion on the situation. You most certainly have.

    • #1537578

      Funnily, my systems are pristine, in that regard. I only once came close to getting a piece of adware, just as Clint posted, through some software that I wanted to install – don’t really remember if it was Adobe that almost made me catch it, or if it was something else like Java (which I need to have for, of all things, tax returns submissions).

      So, while the environment has definitely grown riskier, anyone can keep themselves clean through careful choices of what to download and to accept.

      On the other hand, several antimalware programs protect against some types of these invasive software. There are quite a few that detect / warn / prevent the installation of PUPs (Potential Unwanted Programs). I won’t give specific names, even more so because I am quite angry at the one I use now, since its stupid, mandatory, auto updating features cost me one day of work, recovering from damage done to my working code editor.

      • #1537582

        “On the other hand, several antimalware programs protect against some types of these invasive software. There are quite a few that detect / warn / prevent the installation of PUPs (Potential Unwanted Programs). I won’t give specific names, even more so because I am quite angry at the one I use now, since its stupid, mandatory, auto updating features cost me one day of work, recovering from damage done to my working code editor.”

        I have not found one yet that works. I have tested and installed all kinds of things to help my customers, yet many still manage to get stung. Granted, some are not as careful as they should be when surfing, but I guess the point really is that we need a way to prevent this junk, not a way to describe why it’s happening.

    • #1537585

      Trusteer Rapport is pushed heavily by a number of UK banks, but many people who originally installed it found so many problems and slow-downs that they banished it for ever and ever from their machines.

      If any bank required me to install Rapport for online access I would change banks.

      BATcher

      Plethora means a lot to me.

    • #1537591

      As Clint has said, a lot is really down to the user and the sites they visit, not to mention clicking on links in emails from unknown senders – however tempting the offers.

      I’ve recently replied to another thread on bundled adware where I came across one program that was suggested by someone on another forum, where it had an EULA box pre-checked which informed that the download included a bundled uninstaller.

      The box and info were so small that they could easily have been missed.

      Another con is the big green download button that some mistakenly click on and end up with all sorts of crap on their machines.

      I’ve never used Rapport but HitmanPro.Alert includes CryptoGuard.

      However, from a recent experience when running the older v2.0, it informed me that my IE had been compromised and to run Hitman Pro which is a paid for program.

      Instead, I ran the free version of MBAM, Norton 360, Norton Power Eraser and ESET Free Online Scanner which all came up clean.

      This coincided with an update that applied to v3.0 which I think may have corrupted my v2.0 so I dumped it.

      The reason I stayed with v2.0 was because v3.0 while being free at the time, put a yellow alert on my Teredo Tunneling.

    • #1537594

      Prevention for the types of infections you seem to be describing, drive-by attacks, is mostly down to keeping your software, browser(s) and plugins and OS updated.

      Any unknown/zero-day vulnerabilities should gain some extra protection from using EMET or Malwarebytes AntiExploit (MBAE). The Pro version of MBAM will also go some way to providing protection from most recently discovered malware serving such exploits, as will a good hosts file like hpHosts (by blocking known malware distributing servers), providing it’s updated regularly (HostsMan is good for this).

    • #1537600

      “Prevention for the types of infections you seem to be describing, drive-by attacks, is mostly down to keeping your software, browser(s) and plugins and OS updated.”

      Yes, thanks, and I am very aware of these precautions. I am referring, of course, to regularly updated browsers and plug-ins. Updated software depends on the software. For example, constant notices to update your HP printer are just silly. Only software that might suffer from exploitative attacks needs to be kept up-to-date. In particular, Flash and Java… no point in turning either of those OFF, because they are still widely in use by the majority of websites that use animation and video.

      Unfortunately, MBAM and others only offer protection post-attack, which is often pointless once the damage has been done. Sort of like antivirus tools that run a scan every day. If your antivirus tool does not find anything the first time you run it, then you are protected from what it knows as bad stuff. If you run a scan after that, and it finds anything, then it is not doing its job. Further, it rings in an oxymoron: if it didn’t prevent something from being downloaded, then it’s not going to find it during a scan anyway.

      Thanks for the info on EMET and MBAE… I will look into MBAE. EMET is for software on your system, which rarely if ever gets exploited, in my experience, and is for enterprise use where networks are susceptible to viruses. MBAE looks interesting.

    • #1537601

      Java in the browser is almost extinct for most users outside the enterprise. Flash is rapidly heading in the same direction.

      MBAM Pro offers real-time defence.

      “EMET is for software on your system, which rarely if ever gets exploited, in my experience, and is for enterprise use where networks are susceptible to viruses.”

      Really?

      • #1537605

        “Really?”

        Yes, really. I don’t see where else it’s going to protect. For example, will malware get into my PhotoShop installation? No.

        But to the point of Java and Flash. Neither are extinct yet, and while many many designers and users are calling for the death of Flash, that won’t happen until there is a viable alternative that the primary makers of browsers can agree upon (like HTML5, Microsoft!), in terms of standards.

        Besides, they are just two obvious examples of exploitation, and certainly far from the sole criteria.

      • #1537606

        “Java in the browser is almost extinct for most users outside the enterprise. Flash is rapidly heading in the same direction. MBAM Pro offers real-time defence.”

        Okay, can we look at MBAM Pro, or Premium, as they refer to it?

        1. Shields Java (almost extinct, but…)
        2. Shields PDF readers. Okay. Hmmm.
        3. Shields Office installations. Yes, these would be enterprise pieces of software when used over a network, and susceptible to “viruses”. But not spyware that I’ve ever heard of.
        4. Shields media players. The only media players I know that are susceptible are freewares from unknown sources.
        5. That leaves us with shields browsers, and custom shields. If it does, then it is worth it. If it really does, then why aren’t they ballyhooing this fact and becoming the biggest security software company out there? Maybe it’s too new. I will check it out.

    • #1537602

      Well, I dunno…I never seem to get any malware. What am I doing wrong?

    • #1537607

      MBAM Pro has real time Malicious Web Site blocking. I’ve had it trigger on several sites on my PC.

      Jerry

    • #1537614

      Not conspiracy theory, just speculation. Show me another reason.

    • #1537731

      I have found that certain people are going to get infected, no matter what you put on their computer. Others never seem to get infected.

      I can compare two people who are probably about equal in their expertise of computers and these issues: My wife, and my former pastor. My wife NEVER gets infected, even before we got married and I started maintaining her computer. My former pastor, however, always has something on his computer — malicious search engine, etc. And that was with me doing the maintenance on it.

      Some people naturally understand how to be careful; most don’t have a clue.

      BBB, it would be nice if you could tone it down a bit. We are all doing the best we can, and none of us are paid for what we do here.

      Group "L" (Linux Mint)
      with Windows 10 running in a remote session on my file server
      • #1537759

        “I have found that certain people are going to get infected, no matter what you put on their computer. Others never seem to get infected.

        “I can compare two people who are probably about equal in their expertise of computers and these issues: My wife, and my former pastor. My wife NEVER gets infected, even before we got married and I started maintaining her computer. My former pastor, however, always has something on his computer — malicious search engine, etc. And that was with me doing the maintenance on it.

        “Some people naturally understand how to be careful; most don’t have a clue.

        “BBB, it would be nice if you could tone it down a bit. We are all doing the best we can, and none of us are paid for what we do here.”

        And maybe she just does not visit those kinda sites, whilst….;)

        nuff said, in essence I am in agreement. SOME people just seem like magnets to this sorta stuff.

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
        • #1537854

          “And maybe she just does not visit those kinda sites, whilst….;)

          “nuff said, in essence I am in agreement. SOME people just seem like magnets to this sorta stuff.

          “:cheers:”

          When I first met my wife, I found that her computer was clean as a whistle — absolutely no malware. She told me that her sister’s kids always wanted to get on her computer, but she wouldn’t let them. On the other hand, her sister’s computer often has problems. Moral of this story: be careful who you let use your computer, because an uncareful user can bring malware to your computer. Your kids could be the culprits.

          Group "L" (Linux Mint)
          with Windows 10 running in a remote session on my file server
          • #1537866

            “When I first met my wife, I found that her computer was clean as a whistle — absolutely no malware. She told me that her sister’s kids always wanted to get on her computer, but she wouldn’t let them. On the other hand, her sister’s computer often has problems. Moral of this story: be careful who you let use your computer, because an uncareful user can bring malware to your computer. Your kids could be the culprits.”

            And no cure for that. The solution I recommend is a mobile rack with a disk for guests and another for the ‘adults’. A good easy solution until they figure out how to easily write bad stuff to the UEFI.

            🍻

            Just because you don't know where you are going doesn't mean any road will get you there.
    • #1537734

      Tone it down? Where?

    • #1537736

      Well, you never know where Pastors go ;):)

      • #1537848

        “Well, you never know where Pastors go ;):)”

        Sadly, this is too often the case.

        Group "L" (Linux Mint)
        with Windows 10 running in a remote session on my file server
    • #1537886

      We’re veering off track here. I should probably have titled it “Is there any reliable software for spyware”, but whatever the case, how someone plays on the Web isn’t the issue. Finding ways to prevent damage when they do is what’s at stake.

      And for those with multiple users, simply set up a guest account, non-administrative and pop in a password to log onto your account, but not the guest account. Then no changes can be made to the operating system. Most crap on the guest side cannot be installed, and even if it is, it stays on the guest side.
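
The guest-account setup described in the post above can be checked with a short audit, given here as an added example that is not part of the original thread. It assumes a standalone (not domain-joined) Windows PC with PowerShell 5.1 or later and the built-in Microsoft.PowerShell.LocalAccounts module; the account name `Visitor` is hypothetical.

```powershell
# Added example: verify that the shared/guest account is a standard user and
# that every administrator account requires a password.
# Assumption: 'Visitor' is the hypothetical name of the shared account.
$GuestName = 'Visitor'

# Well-known SID of the built-in Administrators group; using the SID instead
# of the name keeps the script working on non-English Windows installs.
$AdminGroupSid = 'S-1-5-32-544'
$adminSids = Get-LocalGroupMember -SID $AdminGroupSid |
    ForEach-Object { $_.SID.Value }

# One row per enabled local account: is it a direct member of Administrators,
# and does Windows require it to have a password?
$report = foreach ($user in (Get-LocalUser | Where-Object Enabled)) {
    [pscustomobject]@{
        Name             = $user.Name
        IsAdministrator  = $adminSids -contains $user.SID.Value
        PasswordRequired = $user.PasswordRequired
    }
}
$report | Format-Table -AutoSize

# Finding 1: the shared account must exist and must not be an administrator.
$guest = $report | Where-Object Name -eq $GuestName
if (-not $guest) {
    Write-Warning "No enabled local account named '$GuestName' was found."
}
elseif ($guest.IsAdministrator) {
    Write-Warning "'$GuestName' is in Administrators; software it runs can change the OS."
}

# Finding 2: an administrator account that may have a blank password lets
# anyone at the keyboard switch from the guest session to an admin session.
$report |
    Where-Object { $_.IsAdministrator -and -not $_.PasswordRequired } |
    ForEach-Object {
        Write-Warning "Administrator '$($_.Name)' is not required to have a password."
    }
```

Only direct membership of the Administrators group is checked; an account that gains admin rights through a nested group would need a separate lookup.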

    • #1537893

      BBB, I don’t think there is any way to prevent damage with a user who plays unsafely on the web. You would need a totally managed and restricted environment, such as an internet filter which is totally white-list — that is, that the user can’t get anywhere except those sites which are on the white-list. I don’t think there are very many people who would be willing to operate under those restrictions.

      I have heard of “deep freeze” types of software — that is, that allow no changes whatsoever to the computer. Perhaps something like that would do the job. Also, in the case of a school computer lab, the network could restore the standard image every night, which means that every morning you would start with a clean, pristine environment.

      As for multiple users, your method is good IF the regular user remembers to log out when he is finished.

      Group "L" (Linux Mint)
      with Windows 10 running in a remote session on my file server
    • #1537907

      phelps, we have to give people a little credit, right? The computer owner will know, because he/she would be the one implementing the guest account in the first place.

      And yes, once a guest account with no admin privileges is set up, only an expert can fudge with it enough to cause any damage to the OS. Yes, spyware can creep in, but nothing can be installed without permission, and once the owner logs into his/her account again, anything bad is contained to the guest account. I’ve seen it countless times with people here who let their maids/gardeners/neighbours’ kids onto their computers. (Remember, I’m in Mexico most of the time, on Lake Chapala south of Guadalajara.)

    • #1537909

      A lot depends upon your views and default behaviour on the web. Is the web for you:

      1). A giant open buffet full of temptation, and you are determined to sample?
      2). Something of a battleground, rife with cads, shysters, spies, marketeers, criminals and worse? And you see no point in inviting those types into your life?

      People of the former persuasion get p0wned every day, and they may not know or care. People of the second category are often rather safe but if they do get taken, they take it personally. Meaning they learn from their mistakes.
