Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bitdefender bug


  • Please log in to reply
6 replies to this topic

#1 ranchhand_

ranchhand_

  • Members
  • 1,709 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest
  • Local time:07:14 AM

Posted 29 September 2015 - 08:36 AM

Be aware that Bitdefender free version (and possibly the paid version) has a known bug; when it auto scans the HDD it will find certain .exe files that it considers suspect and quarantine them. That in and of itself is not bad. The bad thing is that there is no way to retrieve them. They are disabled and there is no restore button. So there is no way of restoring false positives. Perusing the web, I find lots of people complaining of this but no word from Bitdefender at this time and evidently this has been going on for several months. This appears to be a random bug problem, from what I can read not everyone is affected. I was, however.  I attempted to join their forum, but, oddly, the security code entry box does not open up so I am prevented from typing in the encrypted security letters. 

In addition, there is no option to scan newly downloaded files, which is a "must have" feature in my book. So....I'm moving on.  


Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.


BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:14 PM

Posted 29 September 2015 - 09:00 AM

A lot of AVs don't have an option to scan newly downloaded files, for varying reasons.

Emsisoft Internet Security does not scan downloaded files either - mainly because any attempt to execute suspicious files will be caught by the Behavior Blocker, which makes scanning downloaded files redundant, and ineffective in the case of zero-day or packed malware.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,745 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:14 AM

Posted 29 September 2015 - 11:58 AM

Discussion topics at the Bitdefender forums...
Can't Restore Quarantined Files
Bitdefender Free Won't Restore Quarantine Files
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 ranchhand_

ranchhand_
  • Topic Starter

  • Members
  • 1,709 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest
  • Local time:07:14 AM

Posted 29 September 2015 - 12:02 PM

 

attempt to execute suspicious files will be caught by the Behavior Blocker

Just my opinion, but I trust a direct scan more as opposed to heuristics.


Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,745 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:14 AM

Posted 29 September 2015 - 12:16 PM

When it comes to ransomware, the best defensive strategy is a comprehensive approach...make sure you are running an updated anti-virus and anti-malware product, use supplemental security tools with anti-exploitation features capable of stopping (preventing) infection before it can cause any damage, update all vulnerable software and routinely backup your data. You should rely on behavior detection programs rather then standard anti-virus definition (signature) detection software only. This means using programs that can detect when malware is in the act of modifying/encrypting files rather than just detecting the malicious file itself which in most cases is not immediately detected by anti-virus software.

Emsisoft Anti-Malware is an antivirus platform that includes anti-malware protection which uses two scanning engines and three security levels (or layers) of protection to prevent the installation of malware and stop malicious processes before they can infect your computer. These layers consist of surf protection, a dual-engine file guard, and advanced behavioral analysis which is extremely difficult to penetrate. EAM continually monitors the behavior of all active programs looking for any anomalies that may be indicative of malicious activity and raises an alert as soon as something suspicious occurs. The behavior blocker is able to detect unknown zero-day attacks without signatures.

EAM combines its technology with Bitdefender Anti-Virus utilizing live cloud-verification for superior detection and removal of malware infections effectively. Emsisoft Pro offers a full anti-malware solution which you can run side by side with your existing antivirus as extra protection without conflicts. Compatibility with other security products is constantly tested. Emsisoft Pro includes a malware removal guarantee and personal assistance in emergency situations. EAM does not offer real-time protection in its freeware mode.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:14 PM

Posted 29 September 2015 - 01:50 PM

Just my opinion, but I trust a direct scan more as opposed to heuristics.

A lot of malware nowadays is constantly encrypted to avoid signature detections - but they can't hide their malicious behaviors, which is where the Behavior Blocker comes in :) IMO direct scanning with signatures is easy to bypass, but the BB isn't.

Edit: We're going off topic here though. From the BD forum discussions it looks like a lot of people are having trouble un-quarantining the files... which is not a good thing at all.

Edited by Alexstrasza, 29 September 2015 - 01:52 PM.


#7 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,081 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:11:14 PM

Posted 29 September 2015 - 06:41 PM

And there is an equally vexing question here....Why does this 'bug?' affect some systems and not others....?

 

(i am running win X pro with bit defender free on this pc )

 

Bit Defender is working....it picked up something in a file a few days ago....and I also 'tested' it with the Eicar test file


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users