Caution using BitDefender

Discussion in 'other anti-virus software' started by overangry, Jul 16, 2011.

Thread Status:
Not open for further replies.
  1. overangry

    overangry Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    309
    Hi all,
    I would like to share an experience I had with BitDefender Total Security 2011.
    The program was running fine for a while on my PC, which had a fresh install of Windows 7 64-bit on it.

    Then out of the blue IDS detected a malicious file, it then deleted the Windows file mcupdate.exe.
    This was a false positive.

    I received a windows error message every time media center tried to update.

    What is disturbing is that the file was not placed in quarantine nor was I given the opportunity to allow or deny this action. In my opinion a very dangerous flaw in their software.
    I was forced to restore to an earlier snapshot.

    I have reported this issue on their forum.

    When AV's start deleting legitimate windows files and you are unable to stop this from happening then they become dangerous.
     
  2. Qlimax

    Qlimax Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    33
    Location:
    Romania
    Did u ever looked in the settings area to see if its possible to activate that option, and i mean to ask you before delete a file? Well i did, and surprise...it works! Don't blame the product if u dont know how to use it!
     
  3. overangry

    overangry Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    309
    Why should Io_O
    Out of the box, should I have to make changes to my AV. If anything it should be more stable with default settigs.
    And you bet, I BLAME THE PRODUCT:thumbd:
     
  4. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    As Qlimax wrote,indeed in the settings you have to change to ask when a malicious file is detected,because the default option is delete.I found this very disturbing too,because a regular user usually don't mess with the settings and he/she could have a lot of problems in a FP situation,as OP wrote.The default action must be ASK,or DELETE,but in this case the file must be automatically copied and quarantined.
     
  5. Qlimax

    Qlimax Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    33
    Location:
    Romania
    I just said what to do...maybe u have a bit right, but i have too :rolleyes:
     
  6. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    You're right,ok....but not from a regular user point of view.The default actions and settings of an AV must be user friendly for all users,as a geeky user can mess with the advanced settings at any time.And if i'm thinking twice,BitDefender is the only AV as far as i know with this default action on detection.And they must change this IMHO.
     
  7. saakeman

    saakeman Registered Member

    Joined:
    Jul 15, 2011
    Posts:
    89
    Agree... average users, that doesn't understand security, won't mess with settings
     
  8. sm1

    sm1 Registered Member

    Joined:
    Jan 1, 2011
    Posts:
    520
    Bitdefender must give clear details before acting on a suspicious file. GData which uses bitdefender engine infact warns that choosing a repair option may corrupt the file.
     
  9. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    It should be set to ask or quarantine by default..... Period. Yes there may be a setting to do this, but not all users are Wilders members, and they never even open their GUI after installing an AV. Wrong default setting by BD.
     
  10. yaslaw

    yaslaw Registered Member

    Joined:
    Feb 27, 2005
    Posts:
    167
    Location:
    Poland
    One of reasons to drop BIS 2012 beta was a lack of option to keep copy of deleted files in quarantine. It was annoying to see how your files (fp's) are just vanishing from hdd
     
  11. overangry

    overangry Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    309
    This is the main reason for my post, to make those of you who are not familiar with BitDefender aware of this, in my opinion, appalling default behaviour.


    Yes I did, I am by no means an export user, I do however tinker with the setting of the AV's I have installed.
    But I did overlook this:oops: In hindsight, maybe one of the first stops I should have made.
    You are right, yes this can be changed in the settings.
    But surely you must agree, no AV that is set by default to remove/delete a file, should do this without giving its user a chance of recovering that fileo_O
    At the very least, BitDefender should have quarantined that file.
     
  12. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Quarantine should be the default setting, never delete. Most people will
    not know what to do if the antivirus is set to "ask".

    Bo
     
  13. m0unds

    m0unds Guest

    fwiw, IDS isn't enabled by default. if it was enabled on your install, it was either enabled manually or something occurred with setup that caused it to turn on. also, iirc, quarantine is the default action for threats detected by the product.
     
  14. overangry

    overangry Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    309
    I assumed It was detected by IDS.
    Whatever real-time monitoring was used, it caused damage by deleting a system file.

    Their forums have many, many people complaining about these or similar issues where files have been deleted.
    The file was not quarantined, files cannot always be quarantined

    I have removed BitDefender from my system and cannot verify any settings.

    DannyDan BitDefender(technical help)

    DannyDan Quote:
    Hello,

    Depends on the type of file and its location, also depends on how exactly was the file detected. Not all files can be moved to quarantine. Some of the threats found must be deleted directly. To provide you with more details I need to know what type of files are you referring to when you mention "I have Bitdefender Antivirus Pro 2011 and it deleted some files".

    Regards,

    DannyDan Quote:
    That is why I am trying to explain Mortis. Some files can't be send to quarantine, you can only delete them. I can't yet provide you with an answer why BitDefender deletes the files until you do not provide me with the files name and extension.

    Are the files you are referring to system files ? What was the location of those files when BitDefender deleted them ? Was the delete process part of a scan or triggered by the Real Time Protection when you downloaded these files ?

    Entire post here:
    http://forum.bitdefender.com/index.php?showtopic=27137

    The poster was talking about system scans, technical help thought he was talking about real-time monitoring, so it is relevant.
     
  15. carat

    carat Guest

    Well done BitDefender :D It's better to use common sense these days, it shouldn't delete your system files ;)
     
  16. sm1

    sm1 Registered Member

    Joined:
    Jan 1, 2011
    Posts:
    520
    Bitdefender 2012 products are to be launched in 28th July. The main website is showing the countdown.
     
  17. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    I'm a former user of BD and I always liked it. May use it again!


    BUT ALL vendors SHOULD IMHO set all the defaults to safest settings ie quarantine to protect the end user from themselves.

    In this forum we know how to do these things and research these actions in advance of use BUT "joe user" has no clue thus helping my security support business. ;)
     
  18. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    will the 2012 rascal accept 2011 keys? I still have like 545 days on my other computer
     
  19. Duradel

    Duradel Registered Member

    Joined:
    Nov 26, 2010
    Posts:
    363
    Location:
    Melbourne, Australia
    Its important for every user to create regular system restore points. If the users have the know-how then doing a monthly image of a computer's files is important too.

    I didn't test out the beta for BD 2012 but I'll give the final version of it a go since I've got a few months left on my BD 2011 TS license.
     
  20. m0unds

    m0unds Guest

    it's always been their policy to accept keys from previous versions to activate new versions, i'd hope they wouldn't change it for this product line with all the improvements they've made.
     
  21. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    What happened to windows file protection?
     
  22. overangry

    overangry Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    309
    Yes they will, I specifically asked customer service this before I purchased 2011.
     
Loading...
Thread Status:
Not open for further replies.