What's the use of an Antivirus?

For newbies, to prevent infections real-time. For techies, to scan downloads on-demand (yes VirusTotal is using AV). For security experts, essentially none.

Your post itself was already answered, so I'll just reply to the thread title.

 

i will never install anything like baidu on any clients systems. or anything similar. and imo on systems like the ones i mentioned before in this thread i tell the client honestly for the time it will take me to fully clean everything up we could simply do a clean windows install and just move all their files back to the new installation. its MUCH less time and much cheaper for them imo. but if they insist we clean it up, then we will do that also.

 

I always clean up computers rather than doing a clean install. I find it quicker, as doing a clean install takes a long time for me to do, as I not only install Windows, but I also install every available Windows Update, and install driver updates etc, and any manufacturer specific utilities which I think will be useful.

 

we do the same as far as updates and always the latest drivers unless they require vendor specific ones which sometimes is the case (where the newest version of a driver say synaptics refuses to work with older hardware) drivers etc. but i have people sitting in the office who can do the updates while working on other things while im on the road doing other jobs. they can simply start them all and let the system run till it needs a restart. we can almost always have a system back the very next day (sometimes same day depending on what time i get it to the office) when doing a fresh install. if the system only needs minor cleanup (some adware / toolbars home page redirect, a rouge av etc) or has a single infection and it was not a real nasty one of course ill clean it first. but as i said when speaking of ones like my first post in this thread it would have literally taken HOURS to have cleaned up a system like those well enough where i would be comfortable saying its okay to be used by a client. and 99.9% of the time people do not want me to reinstall "the extra junk" from the manufactures. i always ask first but very rarely ever reinstall that stuff except if the laptops requires one of them. when people want those of course i will but its VERY rare people actually do on a clean install they are happy to get rid of it all most of the time.

and i always make sure all clients have an av. either free or bought from us or one they bought say at staples. doesnt matter always make sure to have something on the system. i also always try to set it up for as little interaction as possible for the majority of people.

 

Last machine I cleaned had over 2500 items of crapware most;y compiled by someone overly click happy with"free" download apps etc.

Baidu is pushy it was even bundled in a malware pack I was testing, very hard trying to uninstall it as it was a Chinese version, a pain in the ass at times but not malicious.

Av`s are needed by regular users but not by techy types but then again if it`s not using many resourses why not ?

Regards Eck

 

Ah, understood, maybe I was confusing that part which I think another utility SpeedMyPc was doing asking me to pay to fix like some 700 errors or so on a clean laptop! LOL

 

and what AV do you install for your clients? I ask because I value your opinion so much on these forums and want to use what you use.

 

=> Anti-Malware software stops Malware...hopefully...eventually.
=> Anti-Malware software cannot stop PC-Users from being Uninformed, Ignorant etc.
and in turn, install Crap-ware.

 

When I clean clients computers, I use Adwcleaner and HitManPro. Removes everything. Then I install Avira free on their computer.

 

That will have been Uniblue's SpeedUpMyPC. The number is so high becuase it is not only counting registry errors, but also every junk file it finds as well as some other things too. I just did a scan on my laptop and it 4,055 issues with my PC.

It's not software that I use or recommend, but I thought I'd install it and run a scan since I had the installer sitting in my downloads folder.

 

LOL! You actually did that?! Very brave move I must say!

 

For irresponsible, click-happy users their superior rights have to be taken away. I think I don't need to mention what tools and tweaks can be used to achieve that goal. Bottom line is, the main problem is about the users having the power to make decisions themselves, a common practice in AVs.

 

it depends on the client and the situation. i try to base my decision on their habits. for instance if they like to install everything under the sun all the time i would try to use something better to detect pup's and block them from doing this. i also set up the av to auto block them from doing this and explain to them if the av says not to proceed they should listen. sometimes this can block a legit program but i know this way they are better off safe then not.

we deal with 5 current av's and they all have their strong points (and weaker ones). i prefer them not to use free ones when possible because personally i prefer paid versions and most people hate being annoyed by the "buy now" junk that bothers you. but when they do want free i have no issue doing that or i will offer them a very good discount on a paid product (with my services of course).

ill shoot you a pm when i get home only because i dont want to get into the a vs b thing here in the forum since i know its not allowed and i may head that way with my info.

 

Thanks a lot, I am like you most of the time with my take on these things and especially that I do not like to clean a system as I prefer a fresh clean reinstall, fixing is never the same. Awaiting your PM

 

ill be home in a couple hours to pm. out with the family right now. talk to you in a bit.

 

Have fun bro

 

Not brave really. Like most of the unwanted software that gets bundled with installers, it is not malicious in any way, can comes with an uninstaller so it is eaily removed. Also, it's worth noting that if you were to actually buy it (I wouldn't do so personally) it will actually fix all of the issues found. There's a misconception that programs like this display fake issues in order to encourage you to buy them, and that the paid versions don't actually fix the issues. But this is simply not true. If I was to do a Google search for speedupmypc removal, I'm sure there would be plenty of sites saying that this software is malicious, and offering removal instructions for it along with links to antimalware or antivirus software and the suggestion that it is safer to remove it via the software they suggest rather than doing so manually. However these are scam websites which make money as affiliates of the security software they recommend.

 

Not much you can do that will be 100% effective. Unchecky was mentioned but as you said it is not 100% effective. OpenCandy was mentioned as a source. You can avoid that by blocking their domain(s) in your hosts file. Over the long term I have found ABP to actually be the most effective thing I have used. People will always manage to find a way to get these programs install though...

 

Thanks for this tip bro! I just added these lines to the hosts file to block the OpenCandy:

127.0.0.1 tracking.opencandy.com.s3.amazonaws.com
127.0.0.1 www.tracking.opencandy.com.s3.amazonaws.com
127.0.0.1 media.opencandy.com
127.0.0.1 www.media.opencandy.com
127.0.0.1 cdn.opencandy.com
127.0.0.1 www.cdn.opencandy.com
127.0.0.1 tracking.opencandy.com
127.0.0.1 www.tracking.opencandy.com
127.0.0.1 api.opencandy.com
127.0.0.1 www.api.opencandy.com

 

That's handy to know that you can do that to block it. But, I guess that people who are going to go to trouble of modifying their hosts file are going to be smart enough to not blindly click the next button without checking what is going to be installed when installing new software, so wouldn't get any third party software installed anyway. At least that is the case for me anyway. I install new software at least every few days, and these days I pay very close attention to what is going to be installed.

Having said that, in the next few months I am going to write my own program for removing unwanted programs and toolbars, which will be able to remove a lot of the unwanted programs which get installed via OpenCandy and other installers.

 

The nice thing about blocking it in the hosts file is that you won't get prompted to install the stuff in the first place. Lately if you don't click "custom" install you will get this junk installed without ever being given the checkbox to uncheck.

 

I prefer 0.0.0.0 to 127.0.0.1. It takes less memory if you have a lot of entries (it's only text so it may not amount to much, but still, any savings is good), plus, 0.0.0.0 actually goes nowhere immediately, where 127.0.0.1 has a timeout period that it actually tries to locate this on your localhost.

 

Nice to know that thanks..

 

ohh perfect! Thanks man

 

When I clean a clients PC, I normally do a clean install. When they want the pc cleaned, I use:

AdwCleaner
Hitman Pro
MalwareBytes
EmsisoftEmergency Kit
HerdProtect

I also install and use Ccleaner and autoruns and uninstall other crapware.

Depending on the client, I offer paid AV in the form of Avira, Webroot, Trend or ESET (trend is a new addition). Most clients choose Avira Pro. Some will not pay and they receive Avira Free or Panda Cloud.

On occasion I use TDSS Killer too.