Virus Chaser - free antivirus using Bitdefender's scan engine

Discussion in 'other anti-virus software' started by roger_m, Nov 25, 2014.

  1. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    The antivirus Virus Chaser is not a new product. When it was first released it was a rebranded version of Dr. Web. The current version, 8.0 is using Bitdefender for the scan engine, with Virus Chaser's own user interface. After downloading it to try it again (I tried it a number of years ago), I found that it is now free. My copy says it expires on the 31st of December 2015. I don't know if you have to buy it after that or future updates will push back the expiration date.

    It is exceptionally light and only has a very minimal impact on my aging laptop, and includes proactive defense. It remains very light when opening my Download folder with 400+ installers in it, and when doing scans. Both of which, with most antiviruses, cause significant CPU use on my aging laptop.

    VC.png

    It initially refused to update its definitions, with updates starting, but failing to complete and not updating anything. To get it to work, in my case I had to download the latest definitions from Bitdefender, and then copy them to Virus Chaser's plugin folder. After doing this and then running another failed update, Virus Chaser was correctly showing it had the current definitions. A reboot fixed the update issue, and updates complete now. Hopefully, it was just a one of problem with my computer.

    You can download Virus Chaser here. The page is in Korean, but you will see the icons there for the downloads for the 32 bit and 64 bit versions.

    I realise that most people won't care for yet another Bitdefender based antivirus. But, it may be of use for some as it is lighter than most BD based antiviruses.
     
  2. Yash Khan

    Yash Khan Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    1,834
    Does it uses latest BD engine & databases?

    Is the Proactive their own or BD Active Virus Control?
     
  3. controler

    controler Guest

    It takes a very long time to download. Wonder if this is what is causing their update problem?

    Dialup used to be faster than this Korean site.
     
  4. PaulBB

    PaulBB Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    708
    Looks nice but doesn't want to install on Windows 8.
     
  5. controler

    controler Guest

    Installed fine on my 8.1 64 bit and said no booty necessary but I could not open the GUI
     
  6. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,513
    Location:
    USA - Back in a real State in time for a real Pres
    No booty necessary. LOL
     
  7. FOXP2

    FOXP2 Guest

    A nice AV booty is even better than a pretty UI.

    The current engine file, bdcore.dll, is 11.0.1.12. Note that this engine uses both signatures and heuistics (B-Have), the latter can be described as "proactive."

    For the AV signature updates, look for your update.txt file and compare it to the latest as published by BD:
    http://download.bitdefender.com/updates/bitdefender_v9/plugins/update.txt
    Check it a few times a day and you'll see what the free BD app is worth. BD updates just about every hour. The greater the gap between your files and BD's, the greater your dependence on B-Have.

    As AVC is Bitdefender's flagship technology, it's unlikely it would show up in a free app. Would be nice, tho.

    Anyone running VC can check the installed locations for files like avcuf32.dll, avcuf64.dll, avccore.dll and avc3.sys.

    There should be a directory with avc3.* files which are updated occasionally with avc3.hx (signatures) and avc3.hxi (exceptions) being the incrementals that get the most attention a few times a month. FYI: there is much more to AVC than signature dependency.

    While the BD SDK might write the directories and files initially, they won't be updated or executed if the developer didn't pay for licensing, so their presence won't actually indicate the processes are implemented.

    Use a system utility to verify AVC activity. For example, in this composite screenie System Explorer shows avcuf64 and avcuf32 at work monitoring running processes.

    Anyone care to check those out and post up?

    Cheers.

    LS-AVC_AtWork.jpg
     
    Last edited by a moderator: Nov 25, 2014
  8. FOXP2

    FOXP2 Guest

    Any BD licensed product will need to download the full monty of signature files, about 250MB which extracts to about 900 files. This will be bundled with the setup file, or downloaded after a successful install. A properly developed implementation of a BD product will then update sigs incrementally, typically 3-4MB if done hourly.

    One way or the other, it might take "a very long time" to download, or even fail, depending on conditions - yours and/or theirs and/or the routing out there.

    Cheers.
     
  9. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    I just updated Virus Chaser, and the definitions were two hours behind Bitdefender:
     
  10. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    Well, I could see this product being targeted at the Korean market and thus aim to make a profit there.

    However, for the rest of the world, what would make someone pick this over Bitdefender and it's own free offering? Let's put GUI and performance aside. Does anyone know if the company behind VC develop its own in-house tech?
     
  11. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    There are two very good reasons. You can configure it to not automatically qurantine threats, which is very important for me. Secondly, it is much lighter for me than the paid or free versions of Bitdefender. This is also important to me, as I refuse to use an antivirus which makes my computer run slowly.
     
  12. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    I did another update. This time there's a three and a half hour delay.
     
  13. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    They are missing. They are neither in VC's folder under Program Files nor AppData.
     
  14. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    They have their own patented proactive defense called BODAR (Behavior Oriented Detection At Run-time). You can see a very basic and badly translated (via Google) description of it here.
     
  15. FOXP2

    FOXP2 Guest

    @ roger_m

    Thanks for checking on all that.

    As of your post #9 at 3:42 PM, the file was at v7.57950 and at 8:48 PM it was 953, three versions over 5 hours. This isn't too bad.

    If you want, don't do any more manual updates and every chance you get, check the update.txt file against BD's and you can nail down how often and how well VC is doing. Even a three-four hour lag is acceptable under normal usage. And if you know you're going to do some online buying or banking, just do manual update first.

    Consistent downloads of BDs frequently updated files is the closest thing you can get to "real cloud" zero-day detection without the cloud hassles. (I set up a task for Lavasoft Ad-Aware to check every 20 minutes, the default being 60 - that's in all versions, free and paid. With rare exception, it's never been more than 2 hours behind.)

    I would have taken bets you wouldn't find AVC. ;) Tho, B-Have is not to be dismissed too easily, either.

    First impression is this is a nice BD app. And it works well in your environments where Lavasoft and others would not be. Looks like a keeper especially considering BODAR could turn out to be effective protection; those Koreans are real sharpies in the brain department.

    Cheers.
     
  16. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    By default it only checks for updates every four hours - and this is the recommend setting. So I presume they only update their signatures every four hours. However, I have just changed it to check hourly and will see how often it does update.
     
    Last edited: Nov 25, 2014
  17. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    Virus Chaser just did its first automatic update after I changed it to check for updates hourly. Its definitions at the moment are the latest Bitdefender definitions v7.57955, the same version Bitdefender is showing on their website. But, Bitdefender haven't updated their definitions in the three hours since I last posted about definition versions.
     
  18. FOXP2

    FOXP2 Guest

    So, we've seen eight over a 9-10 hour period.
    This is about right from what I've observed over the past few years.
    Sometimes there's more, sometimes less.
    My system hibernates about 8-9 hours while I hibernate, one morning a few months ago there were 14 updates in those 8 hours.

    7.57950 - Tue 19:38:16 2014
    7.57951 - (didn't observe)
    7.57952 - Tue 21:59:25 2014
    7.57953 - Tue 23:54:14 2014
    7.57954 - (didn't observe)
    7.57955 -Wed 03:03:27 2014
    and
    7.57956 - Wed 05:01:26 2014
    7.57957 - Wed 06:06:47 2014

    Since the BD updates don't occur at an exact interval (i.e. at 10 minutes after the hour, every hour) it's possible an apps' hourly update, if say at 55 minutes after the hour, would have missed the one at 05:01. But I think you've determined VC's update server(s) are pretty much in sync with the BD releases, which is very good. That said, you'll do just fine with a one hour check up and doing a manual when you think of it.

    Anyhow, that's about it for my contributions to this thread.

    Good luck.
     
  19. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    Thanks for the information. Just one quick question for you. The update.txt file online did not change from v7.57955 until v7.57958, i.e. when I refreshed the page it did not show updates 56 and 57. I even forced a refresh of the webpage. Am wondering why those two updates where not shown.

    Currently BD is on 58 and VC on 57 so not far behind in updates.
     
  20. Yash Khan

    Yash Khan Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    1,834
    Version in both the products are same i.e starts with 7.57.......
    Signature number in both the products are different
    i.e Virus Chaser starts with 58......... ( This resembles BD free, BD free starts with 58..........)
    & BD starts with 51........... (guess this is paid BD )
     
  21. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    The problem with those re-branded products is that they often go south. The company behind it stops updating it or gets sold or whatever else.
     
  22. FOXP2

    FOXP2 Guest

    It's not unusual for an update to lead the version published online; it doesn't occur all that often.

    Right now I'm running v7.57967 but they show v7.57965. Maybe some one over there called in sick. Or they ran out of coffee. Suffice to say, if your version is ahead, all is OK.

    The purpose in cross checking is to make sure that not only one is running a relatively recent version but if your auto-update function is OK. And to throw up a red flag: if online says v7.57966 and you're at v7.57945, there could be a problem. ;)
     
    Last edited by a moderator: Nov 26, 2014
  23. FOXP2

    FOXP2 Guest

    Signature Number is the number of signatures in the current version, i.e. Signature number: 5163949 = 5,163,949 signatures. Yes, 5,163,949. That number will go up and down depending on new addition activity and consolidation/housekeeping.

    Version is, um, the version. Number 7.57965 is older than 7.57966, which is newer. It's a numerical thing. Trust me.

    This has been the format for Bitdefender signature files for years. Period. There's no free, paid, Virus Chaser, this, that, or other files.

    Cheers.
     
  24. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Virus Chaser is under new management and a new development team now. I would check the product thoroughly as in the past they used to disable heuristics to minimize FP rates.
     
  25. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    The number is always higher for Virus Chaser, I presume that means that have some signatures of their own too.
     
Loading...