What AV's DO NOT 'prompt for action'?

Discussion in 'other anti-virus software' started by ploppo, Feb 18, 2012.

Thread Status:
Not open for further replies.
  1. ploppo

    ploppo Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    8
    BitDefender AV Plus 2012 is the first one that I have come across that will completly nuke everything it finds - including my folder of game trainers that I paid for and other stuff that was archived using archivers such as Molebox, etc.

    In the past I have used Nod32, MSSE, Zone Alarm, Kaspersky, etc - but none of them, none of them, didn't have some sort of 'Prompt for Action' option to prevent exactly this type of thing from happening.

    BitDefender may score well as an AV - BUT, it is the only one I would never recommend to anyone.

    I'm dreading a false-positive with this pile of garbage. Yeh, you can set the thing to quarantine instead of auto-deleting - but you still can't get it to prompt before taking any action whatsoever.

    On top of that, they emailed me with 5 free Licence Keys that I could give to friends and family so that they could have the thing for free.


    So, be warned if ever you are tempted by all of the reviews and glowing accolades of BitDefender - it, by default, has the capability to destroy data because the developers thought it would be a great idea.


    However, I'm intrigued as to whether any other AV software has the same nutjob same idea? Just so I know what else to avoid in the future.
     
  2. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    754
    Norton, Panda cloud.
    Not sure, but McAfee could also suffer from that.
     
  3. ploppo

    ploppo Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    8
    Thanks for replying.

    What I don't understand is WHY? Why create an AV solution, that by default, will destroy the end-users data without allowing them the option to intervene?

    It doesn't make sense to me - possibly because I have never come across this before. How could a developer think it a great idea to take a fail-safe away from the customer? It's not their data, or their computer. I seriously don't get it.
     
  4. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    754
    Probably because the amount of users leaving it on auto-mode anyway is high, and the amount of "trivial" FPs is comparatively low, thus they can use "restore from quarantine in case of FP" line when users complain.
    The problem is all it takes is 1 major FP (critical OS file and registry entries associated with it) to debunk the idea behind this.
    Conclusion, it's because they're lazy. :)
     
  5. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    Wow...can i have a license for this...piece of junk? :D :D
     
  6. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    Bitdefender has a great AV engine. Its just better used in a rebrand. Like immunet.
     
  7. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I dont trust any security program to make a Automatic decisions unless its default deny and not default delete.Appguard is doing everything I need it to do,keep the nasties off and not nuke my system or my files.Waiting for the post when someone's MBR gets nuked because of this auto delete.The auto Delete should never be a default out of the box IMO its just a accident waiting to happen.
     
    Last edited: Feb 18, 2012
  8. Cloud

    Cloud Registered Member

    Joined:
    Feb 1, 2011
    Posts:
    1,030
    Location:
    United States
    :D :thumb: :thumb:
     
  9. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    That's the exact reason. But for most AV you can set it to ask mode. You just have to dig deeper into the settings.
     
  10. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    I can't stand not having a choice. Its an instant uninstall. Why a program would just delete a file without asking is unimaginable?
     
  11. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    I can agree on the Norton and McAfee. Norton from personal experience and McAfee from other people's experience. No clue on the Panda. They think they are "keeping it simple" for the novice users by not asking them to do anything. Unfortunately with that model it is not possible to avoid some false positives causing file loss. I prefer to be asked. I hope some of these vendors will make it an option at some point.
     
  12. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    786
    Location:
    255.255.255.255
    I know Kaspersky has an option to ask whenever it finds detection.
    Others dont , which I dont get why ?
     
  13. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Actually during installation Kaspersky and some other AV (ESET ?) asks where it will decide everything or leave upon user something. Now at that point if user selects to leave upon the AV to decide everything then that should not be the fault of that AV. For Panda there is no prompt whatever.
     
  14. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    I think the best option for all AV should be to show alert by default with a check-box saying " Don't ask again, decide automatically".
     
  15. nikanthpromod

    nikanthpromod Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    1,369
    Location:
    India
    eset have that optiono_O
     

    Attached Files:

  16. ploppo

    ploppo Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    8
    Yep, I know.

    The way I wrote my sentence is probably grammatically wrong - but I do state "didn't have some sort of 'Prompt for Action' option" to mean that they all did - if you get what I mean.
     
  17. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    786
    Location:
    255.255.255.255
    I have told it in Norton forums but they think majority of people are not intelligent enough to understand what to do , hence Av decides itself ( which i fully agree)

    Thats why kaspersky and other Av also followed same path. In fact now Reviewers in various magazines and website count it as pro and those AV who ask for action on what to do are not considered user friendly.


    I feel that every AV should have this setting ( not enabled by default ) to "ask what to do " whenever if finds any detection.
     
  18. ploppo

    ploppo Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    8
    It's their loss (I hope), as I noted that Bitdefender has a 30 day refund policy - so I am hoping to get my money back and go back to using Microsoft Security Essentials which does prompt and I quite like it.
     
  19. guest

    guest Guest

    "Panda"
    Will for sure delete without asking
    I used it at one time, it may be different now
    but it also messed up some other setting too:mad:
     
  20. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Seems most vendors feel that the public's knowledge of which files are safe/dangerous is less than their product development team and therefore feel it is better to leave decisions on what to delete/quarantine up to the program rather than the user,with most users this is probably the right way to go as I get far less machines brought in screwed up by false +ves(can't remember last one!) than I do where the user as allowed what they thought was a safe file/app to run,what you have to realise that the folk that visit/use sites like this are in general more computer savvy than those who don't,and the numbers who don't visit are far greater,they are the bulk of the market these products are aimed at
     
  21. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    Still, if ESET and Kaspersky can both provide the option for automatically or manually deciding, there is no reason for companies like Norton and others not to offer the option. I wouldn't even mind if the default was to behave like it does now, and put in some advanced settings to let me decide, especially on unknown files which is where these automatic products fail. It just doesn't seem an unreasonable request to me.
     
  22. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    If vendors want to make a auto pilot like BD it should be auto quarantine and it can be simply restored if its a FP and perhaps added to a trusted list.Just my two cents for what it's worth.
     
  23. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    I have run AV's in the past that do not bother prompting the computer user for actions BEFORE deleting a file which might be LEGITIMATE.

    That has happened to me with ESET, Symantec, McAfee, Avast! among others.

    I remember some time ago plugging in a USB drive on my PC with the installation files for MS Office 2003 which was running ESET NOD32 v4 and, WITHOUT a prompt, NOD32 deleted a core file needed for the installation of Office, rendering the installer inoperable. [I left my subscription to NOD32 run out this month and did not renew it].

    Same with Symantec, but this time was with Combofix, from Bleeping Computer. After plugging in the USB flash drive, WITHOUT any prompt, Symantec DELETED [did NOT quarantine] Combofix making impossible to recover it.

    These things are SCARY becasue if the detection-delete of the files are False Positives [FP's], you are doomed.

    The only AV that was not taking action without prompting the user was MSE, but the version 2.1; I think that from Beta version 4 onwards, MSE is no longer prompting the user and it's deciding by itself.

    That's why I stated in a post at the Anti-Malware sub-forum that I was seriously thinking about no-longer running AVs on any of my PCs.



    Carlos
     
  24. guest

    guest Guest

    sometimes auto quarantine restore does not work,
    it may put the file back but it fails to register in windows
    or just plain does not work correctly after restore:mad:

    what I would like is a AV that does not even have the
    ability to repair but is very good at letting me know if
    I am infected then I could just do a image restore for the
    repair:thumb:
     
  25. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Hello,

    I regret to inform you that Microsoft Security Essentials 4 (Beta) being released soon is taking an identical model to consumer PC security.

    The "Default Actions" are gone. Furthermore, there will be absolutely no way whatsoever to change how MSE responds to threats. The default will be automatic malware remediation...it will auto quarantine most things, auto delete byte-for-byte matches, and prompt only for adware/grayware.

    Long story short and many angry, maybe a bit over the top posts on Microsoft Answers aside...it sucks. I feel your pain. Security vendors are over-stepping their bounds.

    I am and always will be a proponent of automatic quarantining, but there are people that just will not work for, and those people deserve to have an antivirus too.

    Microsoft is trying to dumb MSE down to be so radically simple that it doesn't match the level of quality that the rest of Windows has.

    I offered them lots of feedback, most of which their sacred MCCs, MVPs, and arrogant community stars just through in my face. They don't care. Shut up and let us "protect" you is the new attitude for Windows 8.

    I even offered them a picture AND video feedback showing how by removing default actions and replacing it with a totally simple, one-option only setting page called "threat response", they could solve this issue...but I'm sure they laughed at that idea too and figured it would defeat the purpose of their changes.

    My suggestion was to implement a simple "Let me choose" or "let Windows choose" option for threat response, much like Windows Backup setup works.

    Oh well, just another reason life sucks. :/
     
Loading...
Thread Status:
Not open for further replies.