[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

Anti-Spyware

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.

Share tech news, updates, or what's on your mind.

Sign up to Post

September 2018 AV Comparison Results are now available.

Real-World Protection Test September 2018 – Factsheet
Malware Protection Test September 2018

Some surprising stats this issue. See how your preferred AV fared in the tests...

0
Webinar: Cyber Crime Becomes Big Business
Webinar: Cyber Crime Becomes Big Business

The rising threat of malware-as-a-service is not one to be overlooked. Malware-as-a-service is growing and easily purchased from a full-service cyber-criminal store in a “Virus Depot” fashion. Join us in our upcoming webinar as we discuss how to best defend against these attacks!

After this morning's debacle with Malwarebytes, I got to thinking about another package that I recently discovered — Emsisoft. They seem to be pitching the product as both anti-malware and anti-virus. Anyone have personal experience with it to share? Thanks much, Joe
0
LVL 107

Expert Comment

by:John
Malwarebytes is neither the first vendor nor the last to make mistakes like this. You said in another post that they have issued a fix. So I suggest you not make a hasty exit. The next one along will make the same mistake in due course.
0
LVL 62

Author Comment

by:Joe Winograd, Fellow&MVE
Thanks for the comment, John, but I do not plan to stop using Malwarebytes...sorry if my post implied that. The incident simply triggered my thinking about A-M/A-V products and caused me to remember that I received a free, one-year subscription to Emsisoft when I upgraded my SyncBackPro from V7 to V8. But I never heard of Emsisoft and am hoping to get some feedback from fellow EE members about it. Regards, Joe
0
Malwarebytes is gobbling up all physical memory! Started about an hour ago here. It also turned off real-time protection. Must be a bad MBAM update. Anyone else seeing this? Only choice right now is to uninstall it, as far as I can tell.  Regards, Joe
0
LVL 24

Expert Comment

by:Andrew Leniart
Thanks for your update Joe.  I just re-enabled the Malwarebytes service and started it. Did an update and can confirm the issue has indeed been resolved. It's why I don't go to all the trouble of uninstalling.

Just about any software vendor will royally screw up like this at least once, so instead of uninstalling, I just disable and get on with my day. It also perfectly illustrates why I never rely on a single security package to keep me safe :)
0
LVL 62

Author Comment

by:Joe Winograd, Fellow&MVE
You're welcome, Andrew, I'm glad it's resolved for you, too.

I also don't rely on a single security package, although you have to be very careful when running more than one...in some cases, they can conflict with each other and cause a lot of grief. That's why you hear the popular caveat of not running more than one anti-virus product on the same machine. Cheers, Joe
0
0
Microsoft released a video about Ransomware.  Surprisingly good.

Take a look at it here...

https://resources.office.com/ww-thankyou-ransomware-what-you-need-to-know-video.html

Curious about your thoughts on the advice being given?
1
LVL 32

Expert Comment

by:Thomas Zucker-Scharff
Prevention is the takeaway. Always has been to me.  I think this is a little on the late side,  better late than never. We've had better responses here on EE than this one, imho.
0
LVL 24

Author Comment

by:Andrew Leniart
I think this is a little on the late side,  better late than never.

Good point, although I'm often surprised how many business owners I still come across who say something along the lines of "Ransomware, yeah I've heard about that. What's it all about?" Better late than never is a good sentiment, but if it gets the information over to some people who still have their heads buried in the sand, then I think its great.

We've had better responses here on EE than this one

You've won that argument :)  Although this is very much aimed at non-tech savvy people and I see that as one of its strengths.  

Thanks for sharing your thoughts.
0
For those who like to keep up..

The latest AV Comparatives Real-World Protection Test February – June 2017 has been released.
2
"Prohibits the DOD from using software platforms developed by Kaspersky Lab due to
reports that the Moscow-based company might be vulnerable to Russian government
influence."

https://www.armed-services.senate.gov/imo/media/doc/FY18%20NDAA%20summary2.pdf

https://www.bleepingcomputer.com/news/government/senate-gets-ready-to-ban-kaspersky-products-as-fbi-interviews-companys-us-employees/

2
There seems to be a general consensus that if you've been hit with a Ransomware Virus, especially if by a newly discovered strain of ransomware, and do not have a reliable and unaffected backup to restore from, that all hope is lost.  

This is not necessarily the case!

Whilst it's true that Ransomware is one of the most difficult "destructive infections" to recover from, recovery should never be considered impossible.

Advising those seeking help that they should just accept defeat and wipe all chances of recovering their data is bad advice. This is a point that has been proven time and time again, particularly with past Ransomware strains that were once considered hopeless, yet have now had decryption recovery tools developed to restore data.

If you have been hit by a Ransomware Virus and don't have a backup - do not accept advice that you should just cut your losses, format your hard drive and admit defeat. That's just letting the criminals win.

The first thing you should do (after deactivating the virus) is make a Full Image Backup of your affected hard drive using an imaging backup tool like Acronis, Macrium Reflect or similar so as to have a copy of all files that were encrypted.  Safely store that backup away for future recovery attempts, or to restore from if a recovery attempt goes belly up.

Once backed up, Wipe and Start fresh if desired to get back to a working …
3
LVL 24

Author Comment

by:Andrew Leniart
Security companies do have excellent heuristics and definitions,  but they will never catch everything.

No argument.  But doesn't it then naturally follow that they can never "block" or "prevent" everything either?

Using that train of thought, even with all of the security software that you have protecting your machine(s), how can you be certain that you don't have a key logger recording your key strokes right now? Or a yet unknown time bomb trojan just waiting to jump up and deliver its payload? How could any system ever be trustable?

I'm honestly not trying to be argumentative here, it's just that the logic behind your conclusion is escaping me.

If you can't trust your security software to clean up an infection that has been researched and that it knows about, then how is it that you can trust the same software to prevent a yet unrealized one from occurring?

I'll agree we probably need to disagree.  

Life would be too boring if everyone agreed on everything anyway. :)

My thanks again for your input.
1
LVL 32

Expert Comment

by:Thomas Zucker-Scharff
I guess what I meant was that no one security software is likely to catch everything.  That is why I have a multilayered approach on my machines.  But you are correct, I do not feel safe even with that.  I guess I am on the paranoid side, which begs the question, "Is one paranoid, if the fear is true?"  That is a paraphrase of the original question.

The biggest problem, IMHO, is that to secure one's computer (and still have a computer that actually works, instead of one filled with cement), one needs to put enough security software on there that it slows down even the best of computers.

I would like a product that doesn't hog resources and assures me that I will never get malware of any kind (like that is happening).
2
7
LVL 19

Author Comment

by:Kyle Santos
Nice.  Thank you.
1
LVL 130

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE^2)
I blame the NSA for creating the tools!
4

Anti-Spyware

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.