Monster update from BitDefender

[StevieO]

Another monster update just now, this time it was over 4 Megs !!! I Only updated about 20 minutes earlier too !


StevieO

[Chubb]

Quote:

Originally Posted by StevieO

Another monster update just now, this time it was over 4 Megs !!! I Only updated about 20 minutes earlier too !


StevieO

Yes, updates from BitDefender are big these few days.

[chia]

Yup, just did a manual update and got it. Servers must be slammed because it wasn't the swiftest of downloads.

[Sputnik]

It seems they preform a lot of maintenance on their database since these updates only add a few or no signatures. I have no problem reaching their servers, I download the updates with full speed (today's 4mb within 30 seconds).

[Sputnik]

Official statement from BitDefender's support:

Quote:

-IT is true that we had an update of 3.8 Mb.
-This update was released so the next updates from now on will be smaller in size.
-The signatures file was fragmented so it will not grow very big in the future.

I only post the raw facts, since it's against the forum policy to post full conversations/e-mails.

[Visbel]

yesterday they added a huge update with alot of adwares and that was good.
Today they dropped from: Virus Signatures: 418333 to=> Virus Signatures: 415774.
Hmm thats wierd bcz its more then 2500 signatures, why are they removing anyone know's something or emailed them or so .. and does this mean less detection because removing so high signature.. anyone??

[rezare]

No, there's no loss of detection. Those 2500 signatures were just duplicates due some migration error.

[RejZoR]

Ever heard for generic detection? Thats why signatures count decreased.

[Firecat]

Quote:

Originally Posted by Visbel

yesterday they added a huge update with alot of adwares and that was good.
Today they dropped from: Virus Signatures: 418333 to=> Virus Signatures: 415774.
Hmm thats wierd bcz its more then 2500 signatures, why are they removing anyone know's something or emailed them or so .. and does this mean less detection because removing so high signature.. anyone??

Certain losses in number of records is nothing to worry about in BitDefender's case. It is just an optimization of the database, removing unnecessary records while maintaining normal detection rates.

[chia]

The updates are indeed smaller now. They went from around 600k (average) to now around 1/10th the size. Had one just now that was only 27k. Great for those users on dial up.

[pykko]

what I've observed is that they are not detecting many DOS viruses now.
I've scanned about 5800 samples and they hardly detected 170 while others like NOD32 detect 5700...I know these DOS viri are not so dangerous and they are not spreading but I think they should have keep them in the database.

[Firecat]

Quote:

Originally Posted by pykko

what I've observed is that they are not detecting many DOS viruses now.
I've scanned about 5800 samples and they hardly detected 170 while others like NOD32 detect 5700...I know these DOS viri are not so dangerous and they are not spreading but I think they should have keep them in the database.

Are you saying that they were detecting these DOS samples before the big update?

[Visbel]

pykko if bd wasnt detect these, why dont you subimit all these files to them?
it would be good so they also can detect.

[Firecat]

Quote:

Originally Posted by Visbel

pykko if bd wasnt detect these, why dont you subimit all these files to them?
it would be good so they also can detect.

Problem is, there is some kind of trouble with sending samples to BD. The only way I could get samples to be detected by BitDefender was by sending an email to support@bitdefender.com with a detailed explanation and the details of the password-protected archive containing the samples with password.

Whenever I sent samples directly to the Virus Submission Lab, it was never detected.

[pykko]

yes, Firecat...u're right! Their virus submission has problems. If they don't fix it I won't take my time to send them to support and to add a detailed description. If they want to add them they'll add without explanations...I'm not going to beg them because anyway I'm not using their product.

[superdookie]

if you are having problems with updates and virus subs, have you thought of trying other AVg prog.

AVG is good and the turnaround on a sub is damn fast.

[pykko]

superdookie, I'm not using Bit Defender, but NOD32.
Anyway AVG was good in a time, but now it's weak in detection. Take a look at av-comparatives.org tests results.

[Firecat]

Quote:

Originally Posted by pykko

yes, Firecat...u're right! Their virus submission has problems. If they don't fix it I won't take my time to send them to support and to add a detailed description. If they want to add them they'll add without explanations...I'm not going to beg them because anyway I'm not using their product.

I told their tech support about the Virus Submission and they told me to send all samples to BitDefender support from now on. You don't need to send a detailed explanation, but you do need to provide some minor details such as password of the archive and if possible, names of some other products detecting these files as malware.

[RejZoR]

So what's the purpose of integrated quarantine submission system? I also noticed that nothing gets detected if i sent it through Quarantine.
Guess i know why...

[chia]

Not sure how often vendors receive samples from jottis or virustotal but BD doesn't seem to be adding detection from there as well. I've got three week old samples that haven't been added which is not how it used to be with them. Usually just took a day or two.

I got the same reply from support about sending samples to them and they would forward it to analysts, but I'm done dealing with it. Hope they get it straightened out. BD is off my other PC for now, bought another KAV license last week.

[Firecat]

Quote:

Originally Posted by RejZoR

So what's the purpose of integrated quarantine submission system? I also noticed that nothing gets detected if i sent it through Quarantine.
Guess i know why...

Only suspect (heuristic detection) files sent through the quarantine are detected by BitDefender in my experience. Though I will say that whenever I send samples to support, it takes only 2-3 days to add detection.

@chia: Did you make them aware of this forum thread? It is important that they know that the issues are not isolated to a small amount of people!

I've also sent an email to Jotti's Online scan service informing about the issues with BitDefender's virus submission. I'm not sure if Jordi will respond, but lets see.

[Astrid]

But not everybody knows or will ever know this!
Someone must email the support and tell them about quarantine, because all suspected files are being lost and not added!
the mail to subimit thru quarantine should be support and not the Lab´s email!
And about jottiscan i think IBK here can help you thru that if someone ask him!

[Firecat]

Quote:

Originally Posted by Astrid

But not everybody knows or will ever know this!
Someone must email the support and tell them about quarantine, because all suspected files are being lost and not added!
the mail to subimit thru quarantine should be support and not the Lab´s email!
And about jottiscan i think IBK here can help you thru that if someone ask him!

I have talked to BitDefender about this, and they said they'll analyze the situation with virus_submission@bitdefender.com and get back to me by email on this subject.

[StevieO]

I've also tried to send samples to BD via the inbuilt submission several times, but it always failed, now i know why. I'm very surprised they havn't heard about this problem until now, and done something about it.

Having said that though, i find that BD is still up there with the best, and continually has defs for things a lot of others don't yet have, including some really nasty stuff.

Hope they sort it out soon so we can submit to them.

StevieO

[chia]

Quote:

Originally Posted by Firecat

@chia: Did you make them aware of this forum thread? It is important that they know that the issues are not isolated to a small amount of people!

No, I didn't point them to this thread, you can if you want. I did email them and let them know that there seemed to be a recent problem with sample submissions and they gave me the answer above. I would assume (hopefully) that others did the same and they know it's not an isolated occurrence.

That's as far as I'm taking it since I'm currently no longer using any of their products (and I'm lazy ).