In part 1, I tried to explain the reasons behind some of the decisions anti-malware companies make when designing their products. In this part I'll touch on some other side effects of those decisions and what they mean for power users.
This site has been blocked
In general, I need a very basic antivirus protection - when I make a mistake during my reversing session or web browsing, it should stop malware from:
- becoming persistent on my computer;
- sending any data to its C&C server.
I'm not retarded and can read and think for myself - therefore I don't want "anti-phishing protection", "parental control", "safe banking", "vulnerability scan" or any other features aimed at people who shouldn't be using the Internet in the first place.
So, I always configure my antivirus to have just a very basic on-access scan and firewall enabled, and all other components switched off. You can imagine my surprise when in the last 2 days I have been greeted with these messages on 2 separate sites:
WTF guys, I have switched off every component I could - why are you still active?! And why are you bugging me with this nonsense?
Make it more user-friendly
I'm very sure that the answer is very simple: somebody in the UI/UX department decided that the Bitdefender UI needs to be simplified. So, they took the UI that actually made sense, and fucked it up.
Here's what the settings looked like in 2013 (image (c) Softpedia):
And here's how it looks in the Bitdefender 2016:
Antispam and Firewall have been moved to their corresponding modules, but "Antimalware Filter" has disappeared altogether. After all, who would ever want to disable it, right?
To make matters worse, here's how the alert looked in Bitdefender 2015 (image (c) PCRisk):
See, there was a "Settings" button right at the top of the alert page and you could disable "Antimalware filter" from there. Well, they "simplified" that option away as well. Geniuses!
But I really want to disable it!
Luckily, you still can. 🙂 All Bitdefender settings are stored in C:\Program Files\Bitdefender\Bitdefender 2016\settings\. However, to be able to modify the files, you will need to start your computer in safe mode.
The file you're looking for is cloud.http.xml. Find your user name in it, and you'll see a section like this:
<user name="Administrator">
    <active>true</active>
    <timeout>400</timeout>
    <status value="default">false</status>
    <status value="malware">true</status>
    <status value="phishing">true</status>
    <status value="fraud">true</status>
    <status value="untrusted">true</status>
    <status value="bank">true</status>
    <bank>
        <add>
            <domain value="" option="ask"></domain>
        </add>
    </bank>
</user>
Apparently, there are a few more settings which are hidden in the UI. I can only guess the exact meaning of them but - to be honest - I don't care. I just want this bugger to be gone from my machine. So, I changed "active" to "false" and for good measure disabled each and every component as well. After a reboot, it all works the way I want, and I can access all the sites I want.
Great success! 🙂
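To confirm that an edit to cloud.http.xml took effect, or that a product update has not quietly restored the old values, the user section can be read back and compared against an earlier copy. This is an added example, not code from the original post or from Bitdefender; the function names are hypothetical, and it assumes well-formed XML with the `<user>` layout shown above.

```python
import xml.etree.ElementTree as ET

# Fragment as shown in the post (minus the <bank> block). AFTER is constructed
# to match the edit described there: active and every status set to false.
BEFORE = """<user name="Administrator">
  <active>true</active>
  <timeout>400</timeout>
  <status value="default">false</status>
  <status value="malware">true</status>
  <status value="phishing">true</status>
  <status value="fraud">true</status>
  <status value="untrusted">true</status>
  <status value="bank">true</status>
</user>"""
AFTER = BEFORE.replace("true", "false")


def _as_bool(text):
    return (text or "").strip().lower() == "true"


def filter_state(xml_text, user_name):
    """Return {'active': bool, '<category>': bool, ...} for one user section."""
    root = ET.fromstring(xml_text)
    # iter() also yields the root, so a bare <user> fragment and a full file
    # with an enclosing element (layout assumed, not shown in the post) both work.
    for user in root.iter("user"):
        if user.get("name") == user_name:
            state = {"active": _as_bool(user.findtext("active"))}
            for status in user.findall("status"):
                state[status.get("value")] = _as_bool(status.text)
            return state
    raise KeyError(f"no <user name={user_name!r}> section found")


def changed_settings(before_xml, after_xml, user_name):
    """Map each setting whose value differs to a (before, after) tuple."""
    old = filter_state(before_xml, user_name)
    new = filter_state(after_xml, user_name)
    return {k: (old.get(k), new.get(k))
            for k in sorted(old.keys() | new.keys())
            if old.get(k) != new.get(k)}


if __name__ == "__main__":
    print(filter_state(AFTER, "Administrator"))
    for key, (was, now) in changed_settings(BEFORE, AFTER, "Administrator").items():
        print(f"{key}: {was} -> {now}")
```

The "default" status is already false in the original fragment, so it does not appear in the list of changes.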
I can recommend Avast, don't know if you tried it yet yourself. Timed disabling and disabling in general works pretty well for me.
If I ever decide to switch AVs, Avast would be quite high on my list. But that was not the point of the post.
The point was to encourage readers to look for hidden goodies that are not accessible via the UI - and pretty much every AV has some of those. 😉
That's why I say I myself am the best antivirus.
I decide what files I download, and I don't care if avast! or any other AV tells me the file is infected - if I download it I know whether it is malicious or not ^^
Why not use Sandboxie to avoid malware and stuff like that becoming persistent on your PC? No need to lose attention and waste precious time on antivirus programs and their behaviour, just keep the focus on important things like reversing for educational purposes. Btw. for some beginners (like all of us humans are) it would be easier for us all to mention that to solve the arithmetic formula, numbers need to be inserted rather than words. I also want to thank you for your blog, letting us Nuubs ( 🙂 ) participate in your wisdom and easygoing attitude.
Using just Sandboxie is like driving your car way over the speed limit and saying "nothing bad will happen because I paid for car insurance". Some people do that. I consider that crazy.
As for captcha - you're the second person to mention that, I'll see what I can do.