What's the use of an Antivirus?

Discussion in 'other anti-virus software' started by Mortal Raptor, Oct 25, 2014.

  1. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    I fix PCs for people as a part time job..... 99% of the time they bring in the PC complaining that it is too slow, popups, acting weird, etc.......

    When I turn on the PC, I get like 10s of popups from TuneUp Utilities, Speed Up My PC, BAIDU PC Faster, etc.....

    Uninstalling them is not very straightforward for your average Joe as they ask you many times to keep it and that radio button / checkbox is enabled by default.....

    Now when I run a scan with SAS or MBAM, it finds a lot of other junk like Ask Toolbar, some websearch that is hijacking the browser's search results. Etc....

    I have seen this on computers with Kaspersky Internet Security installed on them mostly and I was thinking, these people have one of the most secure security suites, yet their PC is no better than an infected PC with some virus......

    So really, if one keeps his PC up to date with the latest security patches / latest software... and if he uses common sense as to not install such things, what use is an antivirus really? Since in these cases the antivirus did absolutely nothing to protect them and they had to pay me to fix their PC?
     
  2. DX2

    DX2 Guest

    It's all about knowledge and safe web browsing practice. A lot of the time, it's the kids downloading and installing any and everything. But also, some of the adults that aren't very computer savvy end up in the same boat. I've never cleaned a client's computer that had Kaspersky on it. The AVs are usually preinstalled from the factory.
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    None of the programs described are a virus. Potentially Unwanted Programs (PUPs) are not blocked by antivirus, as the companies that make them would likely sue for doing so. The users of these computers most likely consented to install these PUPs whether they noticed the checkbox or not. The use of an antivirus is to block a virus. I suspect they are effective for that, though I have not seen one in some time.
     
  4. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    I also fix PCs, and like you have increasingly seen computers with lots of unwanted programs on them.
    Firstly, the majority of these programs are not malicious at all and that is why antivirus software won't detect them. They can be really annoying when they cause a lot of popups and cause slower boot times etc, but they are not harmful, and because of this there is no reason for them to be detected. Sadly, there are lots of scam websites which will claim such unwanted programs are harmful and have removal pages for them, usually with instructions on how to manually remove the program (which is pointless since they can be removed via Add/Remove programs) along with a warning that it can be dangerous to remove software manually, and providing a link to some antispyware or antivirus software which the owner of the website makes money from as an affiliate. Also, in the case of Baidu PC Faster, I have installed it on lots of customers' computers as it is free and does a good job helping computers run fast.

    One area where antivirus software needs better detection in my opinion is for the various adware addons for Chrome which can be hard to remove. There is AdwCleaner which is really good at removing such addons, but won't remove them all.

    Perhaps, if people weren't running antivirus software, they would have some actual infections alongside the unwanted programs.
     
  5. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    Right, I am with you, but also, the effects that these PUPs have are similar to a virus: slowdown of the PC, popups, etc.

    When I do fix such a PC, other than installing ABP for them to avoid them seeing these ads "click here to run a scan and speed up your PC" for example, what else can I do to avoid them even installing these?
     
  6. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Isn't there a program called Unchecky for that? http://unchecky.com/
     
    Last edited: Oct 25, 2014
  7. FOXP2

    FOXP2 Guest

  8. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    Tried it, doesn't do the job 100%.
     
  9. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Haha nice image. The problem is that most vendors don't see them for what they are, a huge problem in many cases. No one has sued ESET or MBAM yet for example, and no other vendor would get sued either if they shaped up their PUA and PUP detections/warnings a little. What are they afraid of?
     
    Last edited: Oct 25, 2014
  10. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    The most common source of unwanted programs being installed is from installers using OpenCandy. Some antiviruses will detect installers using OpenCandy and will quarantine the installer, meaning that if someone downloads such an installer, they won't be able to run it. Some other antiviruses will not detect the installer and will allow it to run, but when it runs they will find and remove the OpenCandy components that the installer extracts to a temporary folder. Doing so allows the installer to run without OpenCandy, meaning that the installer will run without providing any unwanted extra software.

    Also, some antivirus software will detect some of the other adware installers and will quarantine the downloaded installer. As to which AV software performs best in this regard, I really don't know as I have never done any testing.
     
  11. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    1,096
    Location:
    Hollow Earth - Telos
    Baidu PC Faster it’s technically not a virus, but it does exhibit plenty of malicious traits, such as rootkit capabilities to hook deep into the operating system, browser hijacking, and in general just interfering with the user experience. The industry generally refers to it as a “PUP,” or potentially unwanted program...... http://malwaretips.com/blogs/baidu-pc-faster-virus/
     
  12. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    That reminds me, NOD32 does that. When I used to install uTorrent without NOD32 the setup / ads were different than when I had NOD32 installed before attempting to install uTorrent.
     
  13. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    Yup, that's what I meant. In my books, anything that has BAIDU in it is a virus.
     
  14. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
    Sad thing is I have actually been called out to fix systems that looked very similar to that pic. I remember one where you could only see about maybe 1.5" of the actual browser windows; the rest was toolbars. And they had been actually using it like that for a couple months o_O !!!

    I have recently seen another one who had (and yes this number is correct) 423 things installed on the add/remove programs list. The computer was slower than a snail; I mean you could turn that sucker on and go out to eat dinner and come back an hour or so later and maybe it would be at the desktop by then.

    In both instances of the above the client had an AV installed BUT let them expire. And when I asked on the phone do you have an AV.... they said oh yeah of course I do. In the first instance the lady had let it expire OVER A YEAR AND A HALF prior....

    In the second case she did have AV(S), a total of 7 of them installed, ALL expired. When one expired she installed another one.

    Anyway my point here is many many of those issues would have actually been prevented with any decent AV that detects even some PUPs.
     
  15. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    Much of the problem involves apathy. So many users don't pay attention to the process, others don't understand the process. If something promises a convenience or service they desire, they download it. Along with that, some installers are very tricky. Just this morning, I downloaded Pale Moon 27 from Afterdawn.com and four separate PUPs were blocked by Malwarebytes.
    I don't make a practice of downloading from Afterdawn and after today, I'm through with their software library.
    Sometimes, as was the case this morning, the installer is designed to confuse the user by making it appear that if the PUP is declined, the entire process will be terminated. It can be very easy for someone unfamiliar with the process to think it's an "all or nothing" offer.

    More and more, the "clean" websites are moving to adware integrated into the installer and they are doing a great job of hiding the extra content until it has been downloaded. The adware represents income, so don't expect a reversal of this trend. This is why I archive known clean installers for software I will use again on an external drive.
    Softpedia and File Hippo used to be the two I most frequently used. Not so much anymore.
    While you can get a clean download from File Hippo, you have to bypass the website's file manager link and look for the direct download link, and the direct download link appears to be available on only some of the offerings.

    Unsolicited adware won't go away and neither will careless habits.
     
  16. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    Firstly, the latest Pale Moon is Pale Moon 25.0.2. I don't know how After Dawn got a Pale Moon 27?! I only saw 25.0.1 on AfterDawn after searching: http://www.afterdawn.com/software/network/browsers/pale_moon_portable_64-bit.cfm

    Want to infect a PC? Just run Shark007's Codec pack installer and watch your PC get silently infected on the spot. That's why I don't use any software that comes with such crap.
     
    Last edited: Oct 25, 2014
  17. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    Just use AdwCleaner, MBAM, Hitman Pro Trial and SAS if need be; it takes too much damn time trying to uninstall all the crapware.

    TH
     
  18. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    Obviously my error
    -or-
    Perhaps that's the version with the PUPs :D
     
  19. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    Thanks a lot Triple Helix, never knew about AdwCleaner but it seems exactly the right tool to get rid of such crapware!
     
  20. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,522
    Location:
    USA - Back in a real State in time for a real Pres
    People might as well call their computers toasters. Same amount of thought goes into using either.
     
  21. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    That is simply not true. It is not malicious, does not hijack browsers and is not a rootkit. Actually that description is just a generic one malwaretips uses. I presume they are an affiliate of some of the vendors they provide links to for software to remove these so called threats. It is really shady behaviour in my opinion to state that harmless software is malicious in order to generate revenue as an affiliate.

    While I find it unacceptable that unwanted third party software comes bundled with installers, I find it even less acceptable that there are many websites that state that these unwanted - but not malicious - programs are harmful in order to make money. I personally don't consider PC Faster to be unwanted, but am referring to the crippled trial software which people need to purchase in order to use.
     
  22. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    I'm not sure if uTorrent uses OpenCandy or something else. But with OpenCandy, if your antivirus removes the files for OpenCandy then you will not be offered any third party software.
     
  23. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    Ah ok, never knew about the candy, thanks for bringing that up.
     
  24. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    Sorry, to me BAIDU is a virus; some crapware app running a scan on every startup and telling me I have 300 errors / click here to fix them IS A VIRUS.

    You are entitled to your opinion of course but any PC I touch that has anything BAIDU is getting cleaned deeply. BAIDU PC FASTER, the perfect name for a camouflaged spyware app.

    I don't know how people can even be using their BAIDU ANTIVIRUS.
     
  25. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    Maybe you should try it, it's really useful software in my opinion to use on a cluttered system. But, I have no use for it on my current laptop which is performing really well.

    At worst, it can be called unwanted. You can stop it running at startup, and in any case all that pops up at startup is a small window telling you what your boot time was, and if there is anything that it can do to optimize your PC. It's not like a registry cleaner or other cleaning tool which every time you start Windows tells you how many hundreds of errors or junk files you have, and requires you to pay to fix or remove them.
     