bit defender info wanted

Discussion in 'other anti-virus software' started by tahoma, Jun 9, 2003.

Thread Status:
Not open for further replies.
  1. tahoma

    tahoma Registered Member

    Joined:
    May 31, 2003
    Posts:
    228
    hi

    just wanted to know your views on bit defender.

    speed, processes, mem usage, and most of all, detection rate.

    if u were me would either use:
    a)kav, but only monitor download folder,temp, ie cache etc (to reduce slowdown)
    b)drweb
    c)bit defender
    d)other ?

    and... im confused, can someone plese tell me what av's are usiong the kav engine (apart from kav) ?
     
  2. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I know that two of the AV programs that use a KAV engine are:

    extendia AVK Pro.
    They use a KAV engine and a RAV engine.


    eScan Pro.
    They use a KAV engine.

    http://www.mwti.net/antivirus/escan/escan.asp
     
  3. I am not too familiar with BitDefender. If you want a low resource AV with a fair to good record on Virus Bulletin and does good with unpackers and Trojans, I'd go for McAfee Virus Scan...7.0..It's also very good resources and pretty fast too, even at maximum settings..
     
  4. illukka

    illukka Guest

    f-secure has kav engine too, along with 2 others
     
  5. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    BitDefender is an up and coming AV program. But the company are a bit dubious, as they are the ones who forced Kaspersky to change their logo from AVP to KAV.

    The AV programs which use the KAV engine include AVK, F-Secure, E-Scan, Steganos Antivirus and VisNetic AntiVirus ( from Deerfield). Maybe NOD will incorporate the KAV engine next, for better unpacking and trojan detection :D :D.

    Obviously the KAV engine is well respected and must be earning Kaspersky a tidy sum in the above AV programs.

    In all of them the interface is much cleaner and more attractive than in the current KAV. But this will all change with the new KAV 5.

    If your computer is fairly new, and you use the modified Monitor settings, I would strongly recommend using KAV as your primary scanner.
     
  6. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    IMHO BitDefender is heavy overrated/overestimated due to their "aggressive" marketing.

    wizard
     
  7. vrf

    vrf Registered Member

    Joined:
    Jun 10, 2003
    Posts:
    29
    Bitdefender is a romanian company, it is one of the biggest software producers here(I'm from Romania too). But I wouldn't trust Bitdefender antivirus. I don't know, it's kind of weird, it gives many false alarms while missing real viruses and sometimes it corrupts files while scanning them. And it's a memory hog.
     
  8. tahoma

    tahoma Registered Member

    Joined:
    May 31, 2003
    Posts:
    228
    thanks for info guys. i guess ill stick with kav (now kav 4.5) and drweb as backup.

    would be interesting to try some of the other kav based av's like extendia. but i cant find a place to download a trial. and avk is only in german as far as i can see.f-secure's latest version keeps BSODing me so its not a good option, also the daily updates are too big. do the other kav based ones have additional engines ?

    visnetic, esan and steganos sound good. anyone tried these ?

    as for nod32 with kav engine.....sounds good! although i never liked nod much.but anything with kav engine should be great.but imagine an av with both kav and drweb engines and drweb's speed! now id buy that
     
  9. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Rokop reviewed latest version and as far as I can tell, they are pretty impressed with version 7Pro (see thi report.

    Let me try to translate the last bit:
    So, this is starting to look good. I'm impressed by the looks (but, you know that I can only judge AV by user impressions, I don't have the means to test these programs for scanning quality :D ).
     
  10. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To everyone from Firefighter!

    Because there are still people who are communicating with business and company world, BitDefender seems to be the only av that is capable to scan all that stuff you are sending to those companies and I think quite reliable because of BitDefender's reasonable unpacking engine!

    See the table again below!

    Archives    Compressed   MS Office Embedded    MS Office Password  AV-Program   
        Scan     Program files       OLE obj.                   Protected OLE obj.    Name
        [24]         [13]               [51]                                  [8]
       
        23            13                  51                                        8               BitDefender 6.5
        23            04                  51                                       8               Panda AV Platinum 7.03
        24            13                  39                                        8              AntiVirenKit (AVK) 12
        18            05                  51                                        8              PC-cillin 2002 9.03
        11            09                  51                                       8               eTrust AV (ca) 6.0
        24            13                  33                                        8               Kaspersky AV 4.0
        18            13                  38                                        8               F-Secure 5.41
        22            07                  33                                        8               McAfee VirusScan 7.0.1
        18            04                 38                                        8               Command AV 4.74
        16            09                  32                                        8               DrWeb 4.29b
        17            10                  27                                       7               RAV 8.6
        17            05                 30                                        8               Sophos AV 3.65
        16            02                  33                                     7              Norton AV 2003 9.05
        09            01                  07                                       8               NOD32
        14            03                  00                                       7               Avast 4 Home

    And I think this is the characteristic that M$ is building on to RAV very fast, if it is using that AV in the future!
    :D

    PS. The new RAV Scanning Engine 8.11 (27. February 2003) has already better archives scanning and unpacking skills that the list above shows! :cool:

    "The truth is out there, but it hurts!"

    Best Regards,
    Firefighter!
     
  11. -Joerg-

    -Joerg- Guest

    According to the forums at rokop-security.de there are some problems with the monitor.
    - Download the eicar-Testfile. The monitor will popup. No problems so far. Create a link to the eicar-test-file. Doubleklick the link; now it's possible to download or even execute the file.
    - Try to execute the eicar-Testfile. Monitor will popup. OK so far. Now try to execute the file many times in a short period of time. The monitor will only popup once (for the first execution).
    I have not tried it for myself, i've just tried to translate some postings in the rokop-forums.
     
  12. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    So is BitDefender junk or is it a good back up? Does it have any problems running with McAfee VS7.0? ( never have 2 AVs running at the same time, always close your main before you run your back up.) I'm Looking into getting a back up now that GAV is gone. Is there any problems with BitDefender and win XP HE?
     
  13. Karl_Menshy

    Karl_Menshy Registered Member

    Joined:
    Apr 18, 2003
    Posts:
    135
    notageek,

    I am running Bitdefender as a backup on some machines and can say that it works quite well. The only problems I have encountered so far is that Bitdefender dislikes the Symantec symevnt driver; I had to remove this part of several Norton/Symantec apps by hand in order to have Bitdefender work. The support let me know they are investigating the issue, but as for now, Bitdefender won't work well with a present symevnt.

    As a backup I think the free edition is a good choice; the detection rates are good. It installs quite some stuff to your system (comm server etc.), but works even without them loaded, so you may consider removing the additional processes from the startup list; I have posted a topic about using the dos edition, which has the same detection capabilities, see this thread:

    http://www.wilderssecurity.com/showthread.php?t=10796

    In general, I am a happy bitdefender-user. Hope this info helps.

    Karl
     
  14. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Thanks Karl, it helped me.
     
  15. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Notageek from Firefighter!

    I am using the same av systems just now, the first day, and I haven't had any problems with BDF 7.0 Free and McAfee 7.0 together!

    Is BitDefender any good? Maybe you can evaluate that from my last infection list, when I have had my new continuous ADSL internet connection run some 3 weeks.

    I used in the beginning F-Secure 5.41 as my resident, but today I have chanced that to McAfee 7.0 and the scanning engine is just now 4.2.60.

    So here are my last infection results!

    The infected and suspicious files were as follow!

    divx.zip
    opr009QL.zip
    A0008666.zip
    A0009433.zip
    A0009591.zip
    A0011030.zip

    And the results were as follow!

    BDF Std v7: Win32.P2P.Tanked.02 and Win32.Worm.P2P.SdDrop.C (A0009433.zip and A0009591.zip).

    F-secure 5.41: Trojan.JS.NoClose.e; a security risk or BACKDOOR and Worm.P2P.SdDrop.c (opr009QL.zip; A0009433.zip and A0009591.zip).

    NOD32: Win32/IRC.SdBot.AA trojan and Win32/Sddrop.C worm (A0009433.zip and A0009591.zip).

    DrWeb(online): Trojan.NoClose; PROBABLY WIN.EXE.Virus and PROBABLY WIN.EXE.Virus (opr009QL.zip; A0008666.zip and A0011030.zip).

    KAV(online): Trojan.JS.NoClose.e; Backdoor.SdBot.aa and Worm.P2P.SdDrop.c (opr009QL.zip; A0009433.zip and A0009591.zip).

    RAV(online): JS/Noclose*; Backdoor:IRC/SdBot and Win32/HLLW.SdDrop.C (opr009QL.zip; A0009433.zip and A0009591.zip).

    After that BitDefender, McAfee, Panda and Trend Micro free online scanners were not able to detect anything of these in ".zip" extension!

    That divx.zip file was identified as infected in ".exe" extension by Panda Online viruslab after that it was before detected as suspicious by Panda!

    Those A000..etc. files were absolutely infections, because they were multiplying in the "System Volume Information" folder in my WinXP Home system.

    Why I had so many infections during the last 3 weeks? I am on a holiday and the kids, yes, they are using KaZaa again!

    By the way, if so many av:s in there are scoring 100% Award in VB, why for example McAfee VirusScan 7.0 with scanning engine 4.2.60 couldn't detect anything just an hour ago?

    Maybe there is the answer to that value of the famous VB 100% award today! :D


    "The truth is out there, but it hurts!"

    Best Regards,
    Firefighter!
     
  16. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Hi firefighter, you might want to submit them files to McAfee and let them know they are out there in the wild. The only problem I have had with McAfee is 1 false positive and they took care of it when I sent them the file. Thanks for the info Firefighter. I'm going to try BD and keep my fingers crossed.
     
  17. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Notageek from Firefighter!

    I have done that already, let's wait now how fast they are capable to update their database!

    Best Regards,
    Firefighter!
     
  18. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Well, your report states trojans, backdoors etc. Have a look at the test criteria used by VB ;).

    regards.

    paul
     
  19. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Paul Wilders from Firefighter!

    You were right. But it's an other story how important pure virus defence is today comparing to these others! As I am concerned, the infections on my PC have been almost always something else than pure viruses, and there were a lot such kind of cases but there isn't any "Other Malware Bulletin Award" yet, why? :D

    "The truth is out there, but it hurts!"

    Best Regards,
    Firefighter!
     
  20. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Firefighter,

    for starters: define "other malware" ;)

    regards.

    paul
     
  21. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Paul Wilders from Firefighter!

    First of all I mean Worms, Backdoors, Trojans, Script "ugglies" etc.

    Those infectons I have got lately are almost impossible to remove from "System Volume Information" folder in my WinXP Home system.

    I have to admit that I am not very experienced to do that PC cleaning procedures, but why an av, even if they were capable to identify those nasties, were uncapable to clean, remove, rename or even move to quarantine those nasties from your System Volume Information folder in your WinXP Home system!

    After that all, you are only frustrated, it was better before when you didn't know to have those infections at all. :mad:

    "The truth is out there, but it hurts!"

    Best Regards,
    Firefighter!
     
  22. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    That's merely an incomplete summing up - no exact definition - and here you have problem number one...

    Which infections exactly?

    Sorry to hear about your problems. What product are you referring to?

    regards.

    paul
     
  23. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,330
    Location:
    Netherlands
  24. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Paul Wilders from Firefighter!

    First of all, let's look at my latest infections. There are worms, backdoors and trojans.

    My post to DrWeb was that as below!

    "The most of these viruses known to us:

    D:\Temp\vir\qqq\A0008666\A0008666.dll probably infected with WIN.EXE.Virus

    D:\Temp\vir\qqq\A0009433\A0009433.EXE packed by FSG

    D:\Temp\vir\qqq\A0009433\A0009433.EXE infected with BackDoor.IRC.Sdbot.based

    D:\Temp\vir\qqq\A0009591\A0009591.EXE packed by ASPACK

    D:\Temp\vir\qqq\A0009591\A0009591.EXE infected with Win32.SdDrop.3

    D:\Temp\vir\qqq\A0011030\A0011030.dll probably infected with WIN.EXE.Virus

    D:\Temp\vir\qqq\divx\divx.dll - Ok

    D:\Temp\vir\qqq\opr009QL\opr009QL.htm - archive HTML

    D:\Temp\vir\qqq\opr009QL\opr009QL.htm\Javascript.0 infected with Trojan.NoClose

    D:\Temp\vir\qqq\xms32.tmp\xms32.tmp.exe packed by FSG

    D:\Temp\vir\qqq\xms32.tmp\xms32.tmp.exe infected with BackDoor.IRC.Sdbot. based

    We'll check up the rest of files."

    My last comment to DrWeb:

    PS. "Does it make any harm when I couldn't remove and/or rename those infections from my "System Volume Information" folder in my WinXP Home system?"

    About those infections in "System Volume Irformation" folder:

    DrWeb: "No, it does not make any harm, infected viruses are helpless while being in the System Volume Information folder - this is system locked folder, and system will erase obsolete files by itself when needed".

    But now to the reality. As an average user and maybe a bit below that limit, there is still one question without an answer!

    Why those files are still in System Volume Information folder even just now?

    The second was that what are those questions exactly?

    Let's look at only to those last onens.

    Can someone tell why those last infections were unable to remove from System Volume Infection folder in my PC with McAfee, F-Secure, DrWeb 4.29c, BitDefender v7 Home, NOD32 etc? :eek:


    "The truth is out there, but it hurts!"

    Best Regards,
    Firefighter!
     
  25. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Mostly, indeed.

    As long as one doesn't perform a system restore: yup.

    Can't follow you here: DialogueScience did answer that one.

    Once more: explained by DS. Try disabling system restore, clean your temp file, perform a full scan, enable system restore - and post results ;)


    At times: yes. Mostly: no, it doesn't ;)

    regards.

    paul
     
Loading...
Thread Status:
Not open for further replies.