BitDefender: Reliability?

Just ran BitDefender against my trusted "Good" Win-7 system image for my
24-7 box (restored for the purpose) and it came up with 7 instances of
malware.

I have been running Avast on this system since Day-1.


"OK, let's try it on my ZenBook laptop....".

OOPS!... 67 "Infected Items" and 1 "Suspected Items".

Same deal: Avast since Day-1.

Should have run MalwareBytes, but did not think of it at the time and
now the Bad Guys have been removed.

What are the chances of these two results being correct?

If good, then it sounds like an anti-virus with realtime web and email
scanning enabled still is not sufficient..... (??)

If that's the case, what do Those Who Know do?

MalwareBytes on some sort of schedule?

Boot to BitDefender on some sort of schedule?

Something else?


I'm thinking booting to BitDefender is too much of a time sink for me to
keep it up on a longterm basis, OTOH if it's the only game in town.....
--  
Pete Cresswell

Re: BitDefender: Reliability?

On 2015-02-01 1:53 PM, (PeteCresswell) wrote:

Every anti-malware/anti-virus program will have both false positives and  
false negatives. No test is 100% reliable, in any context.

Keep that in mind the next time your doc recommends a medical test. We  
live in a contingent world, the best we can do is improve the odds in  
our favour. Sometimes.

Have a good day,

--  
Best,
Wolf K
kirkwood40.blogspot.ca

Re: BitDefender: Reliability?

Per Wolf K:

So... what do Those Who Know do?   Multiple programs, stick with one and
live with the compromises?..... if Plan B, which one?

Once I have a "Good" image to fall back to, I'm not all that worried
about day-to-day protection:  keep Avast up-to-date, and roll with
it....re-image if the unexpected happens.   I was just surprised that
BitDefender and MalwareBytes found stuff on my supposedly-pristine
"Good" image...  But now I've got it cleaned up and a copy squirreled
away offline.

But I've got a family member bringing their PC up here on Wednesday -
one which obviously has problems and which I could not troubleshoot via
TeamViewer.

Based on past experience - and the fact that they let their Avast
subscription expire some unknown number of weeks (months?) ago, I am
expecting it to be a heaving mass of malware.

For these guys, the "Good Image" strategy is pretty much hopeless: they
spew their data all over the System drive and a re-image is going to
hurt them.

Since BitDefender returned so many more hits (65+ vs 7) on my laptop,
I'm thinking that if I apply only one, BitDefender will be it.
--  
Pete Cresswell

Re: BitDefender: Reliability?

"(PeteCresswell)"  wrote in message  

Well, hopefully they don't have that Help_DeCrypt trojan,
Have fun.  :)
http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information
--  
Buffalo  


Re: BitDefender: Reliability?

On 2015-02-01 4:45 PM, (PeteCresswell) wrote:

A real-time defence program (I use Vipre, there are others), set it to
scan every couple or three days, and use three or more miscellaneous
programs to scan the machine about once every couple of weeks. More
often if you suspect undetected infections. Lots of good recommendations
in this thread already.

FWIW, I haven't had a serious infection since Windows 2000. But that
one was a doozy, took me 2-1/2 days to eliminate, I couldn't flatten and  
rebuild because of precious data. Since then, I back up must-keep data  
to external drives, so if system has been trashed I flatten and rebuild  
without data loss.

HTH,

--  
Best,
Wolf K
kirkwood40.blogspot.ca

Re: BitDefender: Reliability?

Per Wolf K:

Some years ago - when I had a teenager banging on my PC a couple hours
every day - I adopted a policy of never saving data to the System
drive.   Always partitioned the internal drive to C: (System) and D:
(Data).

I soon discovered that, even in my determination, I was managing to save
data to the System drive - not much, but enough....

So I added one more twist: before re-imaging, I take a temporary image
via a utility that allows browsing the image later (I use ShadowProtect,
but there are others - some free).   Then, if I remember to take the
temp image before restoring from the "Good" image, I'm covered against
my own foulups.   Of course, sometimes I forget to take the temp
image....-).    There's a place for a written procedure with checkboxes
here....

For data backup, I do incrementals to a 1-TB drive that I rotate out at
the beginning of each month.  Six drives...    Not my favorite scheme,
but the backup utility I've gone over to (Macrium Reflect) needs to have
the Full backup and all incrementals on one drive.

My preferred backup scheme was a file copy utility called SecondCopy
which let me swap out drives at will; but it got weird under Windows 7
and I gave up on it.
--  
Pete Cresswell

Re: BitDefender: Reliability?

says...


 I don't claim to be one of "Those who know" but I'll toss in my 2 cents  
worth. I have a Surface Pro, a laptop, my main workstation and a 3TB NAS  
(6TB total set up in a RAID 1 config) on a home network behind a Zywall  
firewall device. I do a monthly full disk image of the 3 computers to  
the NAS using Acronis True Image. I keep the last three months worth of  
those images at all times. I also do a daily data file backup to the NAS  
using Karen's Replicator. I set up several "Jobs" in Replicator that  
create mirror copies of several folders such as my Desktop, Docs and  
Pics folders, etc. on the NAS. Then once every 3 months or so I copy the  
NAS contents to a portable HD which I normally keep off premises.  

 Each of the computers is running NOD32 as a resident AV program. The  
laptop also runs a paid version of MBAM as a 2nd opinion scanner while  
my workstation runs a paid version of SAS as a second opinion scanner.



  

Re: BitDefender: Reliability?

On 2015-02-02 6:16 PM, Rick wrote:

Very reasonable level of paranoia IMO. ;-)

--  
Best,
Wolf K
kirkwood40.blogspot.ca

Re: BitDefender: Reliability?



I wonder if Avira is doing something similar?  That would explain the
Avira installation creating 9060 new Registry entries, would it not?
--  
Web based forums are like subscribing to 10 different newspapers  
and having to visit 10 different news stands to pickup each one.
Email list-server groups and USENET are like having all of those  
newspapers delivered to your door every morning.

Re: BitDefender: Reliability?

CRNG wrote:


Check the log in your uninstaller program.  I'm assuming it has one.
You can then see where most of the changes were made.

Last time I trialed Avira, it did not insert kill bits for CLSIDs in the
registry.  The uninstaller's log would indicate such.

Re: BitDefender: Reliability?

On 02/01/2015 04:45 PM, (PeteCresswell) wrote:



There is no magic bullet. Contemplating "apply[ing] only one" is  
nonsense. Go over it with multiple scanners, multiple times.

--  
Mark Warner
MEPIS Linux
Registered Linux User #415318
...lose .inhibitions when replying

Re: BitDefender: Reliability?

wrote:


Did you check on false positives by BitDefender?



Did you check on false positives by BitDefender?

BitDefender Free or paid?
BitDefender Free is known to put files in quarantine,
without asking the user.
That means that in the case of a false positive of a system file,
said file will be moved to quarantine, creating the risk that your
Windows will not start.



Are you sure?
(I would put not a cent on that assumption.)

MBAM and SAS are known to be ADDITIONAL to av-programs.
They can find malware not found by your av-program.
You should run both (after update) to be sure.
Maybe you will be surprised at what they find and your av-program did
not find.



Who can tell?
Did you check on false positives by BitDefender?



Real-time protection without a regular full scan is not sufficient.

Email scanning is not needed.
http://thundercloud.net/infoave/tutorials/email-scanning/index.htm


What to do:
Use your av-program real-time, update every hour,  
scan frequently (full scan).

Additionally:
Update and scan with both MBAM and SAS at least weekly (after update!)



If you think BitDefender (Free?) is better than Avast (Free?),
then uninstall Avast and install BitDefender.
(maybe will make you feel better.)

Both will have false positives.
Both will screw up occasionally.

Screw up = by updating with wrong updates,
system files will be wrongly marked as infected and will be removed,
after which your PC will be inoperable.
This happened to almost all av-programs sometime in the last years.

But as you make images, that should not be a problem.
 ;-)

--  
Fred W. (NL)

Re: BitDefender: Reliability?

PeteCresswell wrote:


So you want opinions based on UNKNOWN claimed malware.  Uh huh.  Could
be the "malware" was cookies.  Could be the malware were PUPs (probably
unwanted programs - but quite often those are utilities you chose to
install, like Nirsoft tools).  Could be a lot of possibilities.  You
didn't mention what got reported as bad by BitDefender.  Since you
removed them now you cannot report them.  Just because anti-malware says
there is something doesn't make it true.  Perhaps you just ended up
removing a bunch of PUPs (their ranking) that you really did want.

Re: BitDefender: Reliability?

wrote:


    Make sure you uncheck PUPs before the scan. Verify anything it
detects for false positives on viruscan.jotti.org.
    Bitdefender flags almost anything compiled with masm as
malware, and also hates Nir software, anything with "toolbar" in the
name, even if it's not a browser toolbar.
    Lots of malware detection is not always lots of malware. Did
you check the detected "malware" before blindly deleting them?
    []'s
--  
Don't be evil - Google 2004
We have a new policy  - Google 2012

Re: BitDefender: Reliability?

wrote:

Malwarebytes:
Release 2.1 looking like early March, Beta sooner
https://forums.malwarebytes.org/index.php?/topic/161112-ui-changes-for-malwarebytes-21/page-5#entry932932

I discovered AdwCleaner recently.
Helped a friend on the other side of the world.
Added to my toolbox.

--  
Fred W. (NL)
