I've got a friend, a senior, who for the 3rd time has his computer infected with pop-ups as he goes on the web. Things like Conduit, MyWebSearch, WebOptimizer, etc., that AVs like his installed Norton Internet Security do not seem to block. I've told him how to use the web safely but this has happened again. I don't think telling him he has to change his ways will help. I installed MBAM Premium about 2 months ago in hopes that it would stop this. But the program kept malfunctioning and saying it needed to have its database updated, yet would never be satisfied even after it was run; it kept popping up saying it needed an update. Two reinstalls did not help. I contacted their support and they gave me a long list of things to do, diagnostics to run, so much so that my friend just said to remove the program. After the last time I cleaned it up, using 5 or 6 malware scanners, he was OK for about 2 months. So my question is, is there another program that might run in the background to block installation of PUPs? Thanks.
You can use Unchecky (http://unchecky.com/), that is what I use for my family that gets tricked into installing PUPs.
For realtime protection: Most AVs detect Potentially Unwanted Programs (PUPs), e.g. http://www.pcworld.com/article/2603...ially-unwanted-programs-pups-from-biting.html For on-demand scans: 1) AdwCleaner 2) Junkware Removal Tool
While AdwCleaner does a very good job of removing PUPs, no software will remove (or block) them all. However, aside from some of the adware browser addons which are not so easily removed, PUPs do come with uninstallers. The problem is that PUPs are not malicious. There are plenty of websites which will tell you they are malicious in an attempt to get you to install antimalware software which they will make money from if you buy it. But, the reality is that these "unwanted" programs are not harmful. So while they can be highly annoying, especially when they are installed silently alongside other software, there are people who knowingly install unwanted software and may end up purchasing it.
Another tool for removing adware and unwanted programs is Adware Removal Tool. However there is a major flaw in the design of both AdwCleaner and Adware Removal Tool (which copies the user interface of AdwCleaner) in that they do not list the particular software that each found file and registry key belongs to, which causes a major headache if there are some detected programs you want to keep - which is usually the case for me. But, they're fine if you want to remove everything.
@vincenzo: "So my question is, is there another program that might run in the background to block installation of PUPs?" So is he asking for removal suggestions? My votes also go to EMSI and ESET for detection/prevention.
This. Install Sandboxie and configure it to empty the sandbox when the browser closes. Tell your friend something like this: "From now on use this yellow icon (Sandboxie icon) to go to the internet. Nothing you do on the internet will be saved to your computer. Use only this icon (IE, Chrome, etc.) to go to the internet if you need to do something exceptionally important or really need to save something on your computer." It worked fine with 2 clients of mine (the only ones that I installed Sandboxie for, because of the same problem you're having). After more than 1 year his computer was clean, and it only needed some basic maintenance (updates, defrag, etc.). Edit: you can manually configure exceptions to allow bookmarks, history, etc. to be saved, but personally, I prefer to keep it simple and straightforward.
Thanks to all for the replies. Yes, I am right now just concerned with info on blocking installation, although the cleanup apps info is useful. After researching what has been suggested, I am going to try ESET Smart Security and EMET (which I've used for a while on my own computer and it has never created any issues). By the way, when doing the research I came across this thread that has a lot of really good info: https://www.wilderssecurity.com/threads/anyone-know-a-great-av-that-blocks-pups-well.360546/ Thanks for the Sandboxie suggestion, I will experiment with that on my own computer first to learn more about it. Unchecky looks good, but it is still in beta, not something I want to install just yet on someone else’s computer. I am unclear whether Unchecky will block install of PUPs if there is no checkbox present for it in the installation dialogs that are being presented, in other words, hidden installations. Any thoughts on that? Thanks again to all.
FWIW, there are three user-optional detection categories found in the setup tree: Suspicious applications, Potentially Unwanted Applications and Potentially Unsafe Applications. What is a potentially unwanted application? http://kb.eset.com/esetkb/index?page=content&id=SOLN2629 Many will be detected as PUAs: http://virusradar.com/en/glossary/pua ...while some others may be detected as Adware: http://virusradar.com/en/glossary/adware
If it's any help to you, I use EMET, ESET and Sandboxie in combo. Also, if it's any help to you, I went down the Sandboxie route specifically because, even with AV protection and good updates, some of the machines I look after were getting these PUPs and other infections. After rolling out Sandboxie - nada.
There's a very light free program called Unchecky that makes sure you have not overlooked pre-checked boxes on installers, and uses additional methods to warn of installers attempting to sneak in PUPs: http://unchecky.com/ As far as friggin Conduit goes, I'm convinced it sneaks in by many installers without you having OK'd it with a check mark. They do have a check box on many installers AND actually have a EULA, but I'm convinced they use those as a pretext for dissuading AVs from blocking its installation for legal reasons. Conduit is a sinister pain in the azz. In addition to others mentioned, Webroot has started to take a more aggressive stand against PUPs but I believe that it is limited to PUPs that have the capacity to behave in a malicious way. Sadly, the ability to merely start popping up ads while being a total annoyance, in and of itself, is typically not regarded as malicious behavior. Bitdefender has recently released a free Ad Ware scanner and remover, but as of the moment it is not detecting all adware. Hopefully it will be improved over time. The attempts to block malware, cybercrime, PUPs, adware, spyware is a perpetual war. Something like US military-industrial-big money led US foreign policy. We'll never stop either - there's too much profit to be gained. We don't need anti-virus/malware/PUP/Ad Ware blockers. We need greed reducers and anti-psychopathic drugs introduced into the water supply everywhere. Would do a heck of a lot more than Fluoride. There is always hope: http://www.bbc.com/news/technology-30146176 Countered by discouragement: http://www.winbeta.org/news/psa-cha...ing-has-hacked-windows-live-psn-and-2k-gaming The Road Goes on Forever and the Party Never Ends. Somewhere in a Land far, far, far away there is a free, open, neutral, high-speed, hacker/criminal/script-kiddie free/privacy protected/secure internet. When I find it I'll send you an email. My apologies for the OT/thread-hijack/mini-rant.
FWIW: Softpedia Editors liked Unchecky: 5 star rating. http://www.softpedia.com/get/System/OS-Enhancements/Unchecky.shtml
Maybe something like Toolwiz Timefreeze etc. would save your friend and you a lot of grief. Regards, Eck
I had good success in the past with a setup like this for a family member who doesn't install or configure anything, along with a separate data partition that was not virtualized.
The good thing is you can hide these types of program to an extent that granny or grandpa don't even know it's on their system... he, he, he. Regards, Eck