All antivirus programs are kind of mediocre

jigglywiggly

Now, I have Avast installed.

I installed Unlocker, which unlocks files on your computer, and it works perfectly well.

http://www.emptyloop.com/unlocker/

I accidentally let it install something called Delta Search.

It is spyware.


It changed all my browsers' home pages and messed with all the result listings. (DNS hijacking)

I tried Kaspersky and that didn't see anything.
I installed AVG and still nothing.

Spybot Search and Destroy saw it, but removing it didn't do anything.
I even wasted $13 on their live protection.

The only program that stopped it was AdwCleaner, which removed everything by itself (I realize that the Delta adware has an uninstall in Add or Remove Programs, but it does not reset my home page automatically).

Why does only 1 program remove everything without user intervention?


I just want antivirus software that would do it all for me in real time.

Why don't any of the other programs detect against this?


EDIT: Lavasoft also failed once I tried again

smakme7757

Actually, I had trouble with Delta-Search as well.

You must understand that companies can apply to have their software white-listed by AV companies.

For example, a lot of remote control malware is very much like its legal counterparts. The difference between VNC and a Darkcomet isn't really much. The biggest difference is the culture surrounding Darkcomet, which is used in malware by script kiddies - and therefore killed off by antivirus software.

My guess is Delta-Search is a piece of software currently in a grey area. Not completely outlawed but not completely accepted either.
 

Berryracer

It's like the Ask toolbar.

PS: NOD32 catches any program that has toolbars hidden in them and warns me before installation
 

Bubbaleone

Malware, adware, and spyware authors take complete advantage of the social engineering fact that computer users will indeed choose to install their "product". It saves the author a lot of time to not have to write complicated backdoor coding to get his product installed on a computer. Whether the user knowingly downloads and installs, or the malware product is bundled with other (usually free) software, one still must make the choice to perform the installation that will inevitably install this type of malware.

It's up to the user to educate oneself about malware, spyware, and adware and to take the time to carefully read every word and scrutinize every option (rather than just clicking the "Next" button) when installing any software downloaded from the internet. In the case of Cedrick Collomb's Unlocker, the change log for Unlocker 1.9.2 clearly states in bold font: "-Promotional feature: Fully optional Delta toolbar". It is and will continue to be the trend that much of the closed source freeware available on the internet will contain one or more bundled programs that (if installed) may be unwanted or may cause unwanted changes.

Most competent AV products are fully capable of detecting PUPs (potentially unwanted programs) and PUMs (potentially unwanted modifications) if one has enabled these features in the settings. IMHO, it's unfortunate that the default settings for many AV products don't include PUP/PUM detection and leave it up to the user to enable it. Because enabling this type of detection uses more computer resources and time, many users choose not to enable PUP/PUM detection or heuristic analysis because of the impact on performance. If the best possible protection is the goal then self-education, PUP/PUM detection, scanning of all executables and archives when opened, and strong heuristic scanning of all files downloaded from the internet, will go a long way toward keeping undesirable software from getting installed.


jigglywiggly

I enabled PUP in Avast for realtime and quickscan and it still did not detect it.


It's not me I am worried about, it's just that I realized why so many computers are filled with adware even though they have an antivirus.
 

Bubbaleone

Adware authors today are very careful to avoid coding that is typical of malware and, as a result, depending on its sophistication and configuration, many AV products don't see a threat because the installer accesses the Windows API in a manner that appears legitimate, and one's (implicit) consent to install the software was given the instant the install button was clicked.

 

Bubbaleone

Since this isn't a virus, I don't see what the issue is.

The issue is software masquerading as legitimate that hijacks your browser settings, redirects you to unwanted advertising pages and, even though it has an uninstaller that can be accessed through Programs and Features, it is problematic to remove it as well as having to identify and undo all the changes that it made. The same authors that code viruses and trojans code this kind of crap as well.


Ketchup

OK, so my answer won't be quite as technical: safe browsing habits (SBH) and some protection for whatever gets through.

I have stopped being shocked that my base antivirus software didn't catch things long ago. It's also been a few years since I even had a virus. Why? SBH

If I am cleaning a machine from a virus, I usually don't rely on the antivirus first anyway. Superantispyware and MalwareBytes Anti-Malware have been my best infection removers as of late, although I did have to use Kaspersky Rescue Disk on a laptop a couple months ago, it was a nasty one.
 

balloonshark

Whenever I download anything I run scans on it before running the program. With Unlocker both of my scanners didn't detect anything just by scanning. If the file is 64MB or smaller you can upload it to virustotal where it will be scanned by multiple scanners. https://www.virustotal.com/en/file/...67603f70bf7611de64311ece0624b365397/analysis/

I also like to download from majorgeeks.com and softpedia.com. They give you a heads up when a program comes with crapware.

http://www.majorgeeks.com/files/details/unlocker.html

http://www.softpedia.com/get/System/System-Miscellaneous/Unlocker.shtml

Note: VirusTotal results aren't perfect. Some vendors' programs flag everything while others will flag a program because it isn't well known. At times you will need to do your homework if a program is flagged. In your case I wouldn't have installed the program (or done more homework) based on the VT results, as most of the vendors that flagged it are reputable.

Another online scanner can be found here. It has a 25MB file size limit. http://virusscan.jotti.org/
 

natto fire

The issue is software masquerading as legitimate that hijacks your browser settings, redirects you to unwanted advertising pages and, even though it has an uninstaller that can be accessed through Programs and Features, it is problematic to remove it as well as having to identify and undo all the changes that it made. The same authors that code viruses and trojans code this kind of crap as well.

Uninstalling AVG for this very reason. It wasn't the end of the world to have to change my settings back in 3 different browsers, but it was still an annoying "feature" that I did not feel like dealing with, and didn't bother to research if it could be turned off or not.
 

gevorg

IMHO, Sandboxie is better than anti-virus for web browser trojans/hijacks. If you actually download files and want to run them outside the sandbox, then yes, it's dangerous, but there are always disposable VMs for that.
 

sweenish

The issue is software masquerading as legitimate that hijacks your browser settings, redirects you to unwanted advertising pages and, even though it has an uninstaller that can be accessed through Programs and Features, it is problematic to remove it as well as having to identify and undo all the changes that it made. The same authors that code viruses and trojans code this kind of crap as well.

It's still not a virus, so my question remains.

You're just shifting blame because you were too distracted while installing. And when you're physically approving an install of something that will hijack your system, an anti-virus still won't save you then. The best it will be able to do is mitigate. The onus is still on you, and you lapsed. Move on.
 

Bubbaleone

It's still not a virus, so my question remains.

You're just shifting blame because you were too distracted while installing. And when you're physically approving an install of something that will hijack your system, an anti-virus still won't save you then. The best it will be able to do is mitigate. The onus is still on you, and you lapsed. Move on.

Since you obviously didn't comprehend the OP I think you're confused about a few things; I'm not the OP so I don't know why you're addressing me, and your reply is just a spiteful rewording of what I'd already said in my first reply to the OP. A globally diverse group of people, with widely varying computer skills and knowledge levels, come to AnandTech Forums for suggestions and advice that will hopefully help them to acquire new insight or perhaps find solutions. If you believe that your type of attitude and your choice of wording is supposed to be beneficial to the OP, or any other member of this forum that happens to read this thread, then you're sorely mistaken.

 

pcslookout

IMHO, Sandboxie is better than anti-virus for web browser trojans/hijacks. If you actually download files and want to run them outside the sandbox, then yes, it's dangerous, but there are always disposable VMs for that.

Definitely
 

Kaido

I accidentally let it install something called delta search

It is spyware.

Technically, viruses and malware are two separate things, so you need two separate programs. Plus a firewall. I would highly recommend Malwarebytes for anti-spyware. It has a live mode (real-time protection) available in the pay-for version; Newegg has specials on Lifetime package all the time for like $15:

http://www.newegg.com/Product/Produc...82E16832562002

If you want a convenient setup, Microsoft Security Essentials + Malwarebytes Live + Windows Firewall is pretty decent. MSE isn't the best, but it has a small system footprint and does a pretty good job in combination with Malwarebytes. Bitdefender is also really good & includes an antimalware package as well. If you want more firewall control, Comodo, Zonealarm, and Tinywall are excellent choices.

Alternatively, you can run Windows in a VM with DeepFreeze solely for surfing & testing software installs and just have it nuke the desktop on every reboot ;)
 

Virumo

I use Comodo Internet Security, it has an option to monitor for potentially unwanted programs. I think this is a feature that some, but not all AV software offers. I've never had Comodo pop up warning about a potentially unwanted program, but I'm also pretty good at spotting their installation attempts. Ironically, Comodo itself tries to sneak Dragon (its own distribution of Chrome) onto your system when you install Comodo Internet Security. I mean, sure, I actually did want it (I'm not a believer that most people should use 'base' Firefox or Chrome, really), but I can only imagine how many out there end up with it who will never use it.
 

jigglywiggly

It's still not a virus, so my question remains.

You're just shifting blame because you were too distracted while installing. And when you're physically approving an install of something that will hijack your system, an anti-virus still won't save you then. The best it will be able to do is mitigate. The onus is still on you, and you lapsed. Move on.

Hmm, that same logic could be used for an actual injection virus. I approve it ran, doesn't mean I don't want an AV to catch it first.
 

Entropism

Installing an Antivirus after the fact also hurts your protection. Most focus on preventing things from touching your computer, not cleaning them up afterwards. Once you're infected, you're at the point where you'll want a Live CD.
 

Matt1970

OK, so my answer won't be quite as technical: safe browsing habits (SBH) and some protection for whatever gets through.

I have stopped being shocked that my base antivirus software didn't catch things long ago. It's also been a few years since I even had a virus. Why? SBH

If I am cleaning a machine from a virus, I usually don't rely on the antivirus first anyway. Superantispyware and MalwareBytes Anti-Malware have been my best infection removers as of late, although I did have to use Kaspersky Rescue Disk on a laptop a couple months ago, it was a nasty one.

Superantispyware and MalwareBytes are my go-to programs as well, and I also still like Spybot and ComboFix. Those usually do the trick. Actual viruses are still out there but not nearly as frequent as malware. Not even close. I also run CCleaner as soon as I can, as it makes all the following scans go quicker.
 

SlickR12345

Use a firewall when using Avast free antivirus. I use ZoneAlarm free firewall with Avast, though I recently tried Bitdefender Total Security to see what all the fuss is about.

Thing is you can run BD total security forever in trial mode. All you need to do is uninstall it by the end of the trial and delete the registry keys and install again and you have 30 days trial again.

This actually works with most antivirus software. Norton, ZA, AVG, BD, Kaspersky, etc. all can be made to run trials forever.
 

sweenish

Since you obviously didn't comprehend the OP I think you're confused about a few things; I'm not the OP so I don't know why you're addressing me, and your reply is just a spiteful rewording of what I'd already said in my first reply to the OP. A globally diverse group of people, with widely varying computer skills and knowledge levels, come to AnandTech Forums for suggestions and advice that will hopefully help them to acquire new insight or perhaps find solutions. If you believe that your type of attitude and your choice of wording is supposed to be beneficial to the OP, or any other member of this forum that happens to read this thread, then you're sorely mistaken.

Not sure how I got OP confused.

As for the rest, I get diverse. I don't get stupid.