12 Nov 2015

Why do antiviruses suck, part 2

In part 1, I tried to explain the reasons behind some of the decisions anti-malware companies make when designing their products. In this part I'll touch on some other side effects of those decisions and what they mean for power users.

This site has been blocked

In general, I need very basic antivirus protection - when I make a mistake during my reversing session or web browsing, it should stop malware from:

  • becoming persistent on my computer;
  • sending any data to its C&C server

I'm not retarded and can read and think for myself - therefore I don't want "anti-phishing protection", "parental control", "safe banking", "vulnerability scan" or any other features aimed at people who shouldn't be using the Internet in the first place.

So, I always configure my antivirus to have just the very basic on-access scan and firewall enabled, and all other components switched off. You can imagine my surprise when in the last 2 days I have been greeted with these messages on 2 separate sites:
[Image: page blocked]
WTF guys, I have switched off every component I could - why are you still active?! And why are you bugging me with this nonsense?

Make it more user-friendly

I'm very sure that the answer is very simple: somebody in the UI/UX department decided that the Bitdefender UI needs to be simplified. So, they took the UI that actually made sense, and fucked it up.

Here's what the settings looked like in 2013 (image (c) Softpedia):
[Image: Bitdefender 2013 settings]

And here's how it looks in Bitdefender 2016:
[Image: Bitdefender 2016 settings]
Antispam and Firewall have been moved to their corresponding modules, but "Antimalware Filter" has disappeared altogether. After all, who would ever want to disable it, right?

To make matters worse, here's how the alert looked in Bitdefender 2015 (image (c) PCRisk):
[Image: Bitdefender 2015 website blocked alert]
See, there was a "Settings" button right at the top of the alert page and you could disable "Antimalware filter" from there. Well, they "simplified" that option away as well. Geniuses!

But I really want to disable it!

Luckily, you still can. :) All Bitdefender settings are stored in C:\Program Files\Bitdefender\Bitdefender 2016\settings\. However, to be able to modify the files, you will need to start your computer in safe mode.

The file you're looking for is cloud.http.xml. Find your user name in it, and you'll see a section like this:

Apparently, there are a few more settings which are hidden in the UI. I can only guess the exact meaning of them but - to be honest - I don't care. I just want this bugger to be gone from my machine. So, I changed "active" to "false" and for good measure disabled each and every component as well. After a reboot, it all works the way I want, and I can access all the sites I want.

Great success! :)

5 thoughts on “Why do antiviruses suck, part 2”

    • If I ever decide to switch AVs, Avast would be quite high on my list. But that was not the point of the post.

      The point was to encourage readers to look for hidden goodies that are not accessible via UI - and pretty much every AV has some of those.. ;)

  1. That's why I say myself is the best antivirus.
    I decide what files I download, and I don't care if avast! or any other AV tells me the file is infected - if I download it I know whether it is malicious or not ^^

  2. Why not use Sandboxie to avoid Malware and stuff like that becoming persistent on your PC? No need to lose attention and precious time wasting on AntiVirusProgs and their behaviour, just keeping Focus on important things like Reversing for Educational purposes. Btw. for some beginners (like all of us Humans are) it would be easier for us all to mention that to Solve the Arithmetic Formula, numbers need to be inserted rather than words. I also want to thank you for your Blog, letting us Nuubs ( :) ) participate in your wisdom and easygoing attitude.

    • Using just Sandboxie is like driving your car way over speed limits and saying "nothing bad will happen because I paid for car-insurance". Some people do that. I consider that crazy.

      As for captcha - you're the second person to mention that, I'll see what I can do.
