Windows 10: Overrun by PUP's Solved

Page 2 of 4 FirstFirst 1234 LastLast

  1. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       22 Apr 2016 #11

    Hi:

    OldMike65 said: View Post
    Malwarebytes does not remove pup's much at all. I even believe they post that on their site.
    Actually, that's not true, as long as MBAM settings are correctly configured to "treat detections as malware".
    That is the default setting, but some users disable it, because they want to keep their PUPs/PUMs.

    Malwarebytes Adopts Aggressive PUP Policy
    What are the 'PUP' detections, are they threats, and should they be deleted?
    Malwarebytes Labs - PUPs

    Having said that, no one program removes 100% of malware/PUPs 100% of the time.
    And, because of legalities, some independently-authored anti-malware tools may be even more aggressive than MBAM at detecting and removing PUPs.

    Download a program like SuperAntiSpyware free version which does a GREAT job of finding and removing pup's. Here is a link.
    http://www.superantispyware.com/
    SAS is great for tracking cookies, something MBAM does not target.

    Cheers,
    MM

    P.S. In the OP's case, they are likely re-spawning from Google sync or a Chrome extension. Until that is resolved, they are likely to reappear on scans.
      My ComputerSystem Spec


  2. Posts : 10,611
    W10Prox64
       22 Apr 2016 #12

    MoxieMomma said: View Post
    P.S. In the OP's case, they are likely re-spawning from Google sync or a Chrome extension. Until that is resolved, they are likely to reappear on scans.
    Agreed.
      My ComputerSystem Spec

  3.    22 Apr 2016 #13

    Hi there

    PUPS are quite different from typical Viruses.

    One of the major problems is that a PUP can often seem like a legitimate program as it's a normal Windows executable -- so you have to consider how do these "PUP blocker" programs decide what's a legitimate Windows program say PHOTOSHOP.EXE and a PUP called say IMAGES.EXE - which might well be a legitimate alternative Windows valid executable file.

    One would probably need a database of these rogue executables updated pretty regularly.

    This is by no means a trivial task - which is why it's wrong to rely 100% on things like MBAM etc -- they won't have a hope in stopping all PUPS if you don't surface the web intelligently and safely.

    I have to admit though getting THAT MANY PUPS on a computer -- that must qualify for a "Guinness Book of Records" entry.

    People should understand also the difference between VIRUSES / MALWARE and PUPS -- totally different types of threats that need different solutions.

    Cheers
    jimbo
      My ComputerSystem Spec

  4.    23 Apr 2016 #14

    MoxieMomma said: View Post
    Hi:
    SAS is great for tracking cookies, something MBAM does not target.
    Cheers,
    MM
    Just for information purposes SAS DOES a lot more than just remove tracking cookies, maybe you should read up more about SAS. Here is clip from their site.

    Advanced Detection and Removal
    • Detect and Remove Spyware, Adware and Remove Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers, Parasites, Rootkits, Rogue Security Products and many other types of threats.

    Just so you know...
      My ComputerSystem Spec

  5.    23 Apr 2016 #15

    I am VERY grateful to you all for some very comprehensive information (and interesting).

    I will be away for a short period, but will send a MBAM log etc as soon as I can. I did install and use SuperAntispyware - which throw up literally hundreds of cookies etc.

    I am (intuitively) convinced that somehow google is at the centre of this - and very interested in the comment made by posters re - extensions (all the google extensions are disabled as far as I know), but I need some guidance on what to do to overcome the google sync suggestion.
    I dont understand this matter of synchronisation at all, so your patience and guidance on what to do would be appreciated.

    My thanks again to you all.
      My ComputerSystem Spec


  6. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       23 Apr 2016 #16

    OldMike65 said: View Post
    Just for information purposes SAS DOES a lot more than just remove tracking cookies, maybe you should read up more about SAS. Here is clip from their site.

    Advanced Detection and Removal
    • Detect and Remove Spyware, Adware and Remove Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers, Parasites, Rootkits, Rogue Security Products and many other types of threats.

    Just so you know...
    Yes, thanks.
    I've run SAS Free as a backup, second-opinion scanner for many years.
    I am quite familiar with its capabilities.
    I was merely pointing out the major DIFFERENCE between MBAM and SAS.
    SAS targets non-malware tracking cookies, while MBAM does not.

    Thanks for the tip and sorry for the confusion.
    Cheers,
    MM
      My ComputerSystem Spec


  7. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       23 Apr 2016 #17

    Skofab said: View Post
    I am VERY grateful to you all for some very comprehensive information (and interesting).

    I will be away for a short period, but will send a MBAM log etc as soon as I can. I did install and use SuperAntispyware - which throw up literally hundreds of cookies etc.

    I am (intuitively) convinced that somehow google is at the centre of this - and very interested in the comment made by posters re - extensions (all the google extensions are disabled as far as I know), but I need some guidance on what to do to overcome the google sync suggestion.
    I dont understand this matter of synchronisation at all, so your patience and guidance on what to do would be appreciated.

    My thanks again to you all.
    That sounds good.
    Since you are seeing the same long list of PUPs on all your systems, that points to a possible Google sync issue (or you might simply have the same wonky Chrome extensions installed on all of them).
    The AdwCleaner log would seem to support that deduction, as @simrick and others have mentioned.
    So, you may need to clean out your Google sync data and/or uninstall/reinstall Chrome.

    And, yes, Mindspark can be a real PITB to remove fully.
    It may require some specialized, customized scans/scripts, guided by a trained malware expert.

    Cheers,
    MM
      My ComputerSystem Spec

  8.    23 Apr 2016 #18

    Somebody posted that MBAM does not remove Pups. I've been using it for years, and it detects and removes Pups that my AV didn't find.
      My ComputerSystem Spec

  9.    23 Apr 2016 #19

    Hi there

    Only try this on a VM and then get rid of it after your test. If this software gets on to a REAL machine it can cause no end of endless aggro. I absolve myself from any responsability if you test this type of stuff on a REAL machine !!!!!. On a VM it's safe to test as you can always delete the entire VM from HDD - even better if your VM is on an external HDD..

    Try and see if BUBBLE DOCK can get blocked by the current MBAM offerings -- Bubble dock is old now so it might well be in the database of nasty PUPS but it was one that I remember a while back and the only way I could get rid of it on another persons computer was to completely wipe the HDD and re-install Windows. All the "Removal" type software and cleansing agents didn't work.

    Removal / cleansing software reported machine as "cleansed" but it wasn't !!!!!

    IMO an AFTER the fact scan is really no good - you need to stop this stuff from getting on to your machine in the first place.

    This sort of stuff doesn't usually work BTW for these types of programs.

    Bubble Dock Ads - how to remove?

    Most "Well written" (Sic?) PUPS follow standard Windows Protocols so a quick scan is unlikely to distinguish them from a legitimate Windows executable. That's why if you use something like MBAM you need to update it almost daily with new definitions or it becomes fairly useless.

    A better way would be to have a program that intercepts all calls to Internet services - especially calls to web browsers and then you'd also need another data base of "bad web sites" - also would need to be updated regularly. Not a trivial thing to do so no MBAM program will ever be 100% effective --and that's the truth. The effectiveness of the MBAM software will depend on the accuracy if its databases and the "skill" of the PUP writer in ensuring the PUP looks and behaves as near as possible to a standard windows executable. !!

    Cheers
    jimbo
      My ComputerSystem Spec


  10. Posts : 10,611
    W10Prox64
       23 Apr 2016 #20

    Skofab said: View Post
    I am VERY grateful to you all for some very comprehensive information (and interesting).

    I will be away for a short period, but will send a MBAM log etc as soon as I can. I did install and use SuperAntispyware - which throw up literally hundreds of cookies etc.

    I am (intuitively) convinced that somehow google is at the centre of this - and very interested in the comment made by posters re - extensions (all the google extensions are disabled as far as I know), but I need some guidance on what to do to overcome the google sync suggestion.
    I dont understand this matter of synchronisation at all, so your patience and guidance on what to do would be appreciated.

    My thanks again to you all.
    If you sync Chrome across computers, you'll need to clear that info out:
    Quick Tip: How To Delete Your Google Chrome Browser Sync Data

    .
      My ComputerSystem Spec


 
Page 2 of 4 FirstFirst 1234 LastLast

Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 08:01.
Find Us