Antimalware Software
-
blackbird71 last edited by
Perhaps you've already figured it out from Wiki... but if you go to https://www.virustotal.com, it shows a box where you select the file from your system that you want to upload to VirusTotal. It will then scan the file against a multitude of virus scanners and provide you the results. To use it, you'll probably have to first un-quarantine the files and upload each from its original location, since AV quarantining usually involves the AV altering the suspect file itself to make it unexecutable (hence quarantining it). It has to be reconstructed by the AV via un-quarantining to make it recognizable by the scanners at VirusTotal (or Jotti, if you use it).
-
A Former User last edited by
360 is kinda crappy - though powerful.
I've sent feedback twice about the lack of settings etc., and posted on their Fb page. No meaningful answer yet... :wait: -
A Former User last edited by
The recent sweep, my 360 seems to have wiped out my RealPlayer's
Library
- at least no playlists were found, which had been a few definitely.It cleans good though...
-
A Former User last edited by
How much traffic will it usually take to install a copy of BitDefender?
I'm on a limited package right now...
And is this the right page to take it? -
blackbird71 last edited by
The page you reference has the name appearance of perhaps a stub installer. I believe the actual BitDefender install file is around 6-7 Mb, which if accurate, is not that bad - but I've never used it so I can only go by what a number of Googled postings have mentioned the size as being. Some of these AV installers are designed to go out and immediately pull down a bunch of other files from the server - even an entirely different, new program version compared with the installer's version, so it's kind of hard to tell for sure unless you can find somebody who's actually been through the process recently and paid close attention to the traffic sizes.
One possible other issue is the periodic signature update size - some users report it runs as much as 60 MB in size, and is supposedly default-scheduled multiple times a day, though it seemingly can be set to less frequent settings. Again, all this is based on postings I've read, not on first-hand experience. You might want to spend a little 'quality' time sifting through Google responses to dig further into the update size and frequency questions. At least the initial download should be a one-time cost regarding its size.
-
A Former User last edited by
I believe the actual BitDefender install file is around 6-7 Mb...
Megabit or megabite (MB)?
-
A Former User last edited by
One possible other issue is the periodic signature update size - some users report it runs as much as 60 MB in size, and is supposedly default-scheduled multiple times a day...
Would you mind explaining it in some plain English?:rolleyes:
Anyway, where shall one find the right copy of BitDefender?
-
blackbird71 last edited by
In plainer English (hopefully), most AVs routinely check for updates to their virus signature database daily or even multiple times each day. Some of them update by downloading the entire signature database, some by simply adding changes to an existing local database. Each update size depends on how the AV program is coded or whatever changes (if any) have accumulated. How often the AV updates is determined by a setting in the AV program, with some default value always applied at install.
If you're dealing with a limited data package, how big a typical update would be and how often it updates are of very real concern to you. Some BitDefender users in the past few years have complained that their typical update size was 60 Mbytes, and their program's default setting was to check for updates multiple times each day. When BitDefender happened to update their own server database frequently for whatever reasons, then the limited-data-plan users would be facing fairly large downloads multiple time per day, based on the default AV settings. Since the download size would have to be whatever it would be, the recommended solution was always to reduce the checking setting to no more than once a day, if even that often.
My point was only to make you aware that the update size and rate of occurrence are possibly more important issues than the initial AV program download size if you're under a tight user data cap. Since I don't use BitDefender, you'll have to research this deeper to find more current or reliable answers for your particular situation. You might try BitDefender's forums for some better and more up-to-date details for their AV.
As far as program downloads, I always go right to the maker's own site. It's safer and usually more reliable than 3rd parties with their risks of out-of-date programs or bundling with trash-ware. Even if the maker's site uses a stub installer, it shouldn't magnify the overall program download size much at all, compared with a 3rd-party executable file. So in this case, I'd use BitDefender's own site to get the software.
-
A Former User last edited by
- Is that
bitdefender.com
their own site? - How does it get along with the system's regular AVs?
- Is that
-
blackbird71 last edited by
I apologize for my confusing the BitDefender AV product's size with the anti-adware product you referenced a few posts up. I ran down the wrong rabbit-hole after that. Their anti-adware product is around 45 Mbytes in size and can be used as-is without an OS installation. It doesn't really update periodically, so that kind of data loading won't be a problem for a user with a data cap. The product generally is set up to use in a manual scanning manner.
However, some BD ART users have apparently run into conflict issues with certain AV's, Sophos in particular. BitDefender recommends when doing a scan that the user take their system offline, shut off any resident AV, perform their BitDefender Adware Removal Tool scan and removals (if any), then shut it off, reactivate the resident AV, and finally put the system back on line. There can also be conflicts with other anti-adware tools if they are active/running at the same time as a BitDefender scan. This is not uncommon for many (but not all) anti-malware/adware tools - they tend to not like each other very much if running at the same time. Sometimes this has to do with one tool activating an adware file to remove it, but the other tool seeing that and trying to grab control to kill it at the same time - most software doesn't tolerate that kind of competitive behavior very well.
Yes, bitdefender.com is the actual BitDefender site and a safe place to download from.
-
magaretz last edited by
Well, my limitations are that the trial ends not further than in a month - then it's definitely uncertain.
-
A Former User last edited by
Does every regular AV allow to (temporarily) shut themselves down?
Or is there maybe a system control for that? -
A Former User last edited by
My 360 doesn't seem to like Google Chrome very much: frequently doubting chrome files, now it's even deleted Chrome's updater file...
-
A Former User last edited by
Well, it appears that my 360, in settings, has something for Bitdefender, but I can't clearly understand what it is and what it is for: .
Who knows what it is?
Does it mean 360 is ready to fight Bitdefender or does it mean that 360 is ready to cooperate with Bitdefender?
-
blackbird71 last edited by
360 has the capability of using multiple local scanning engines as well as its cloud engine, one of which is BitDefender AV - or at least 360 had that capability in 2013: <http://www.wilderssecurity.com/threads/360-internet-security-free-triple-antivirus-engine-bitdefender-included.348585/ > The panel you show looks like one that allows the alternate local engines to be controlled from within 360. Otherwise, be careful when BitDefender is mentioned somewhere, since many or most references are to its more widely-known AV product, not its Adware Removal Tool product. That was the trap I fell into a few posts back.
Most AVs have a setting allowing them to be at least temporarily disabled, often accessible through the icon in Windows Tool Tray. I don't know about 360, though.
-
A Former User last edited by
Most AVs have a setting allowing them to be at least temporarily disabled, often accessible through the icon in Windows Tool Tray. I don't know about 360, though.
Yeah, the two items at the very bottom are called "Enter Silent Mode" and "Exit" (the latter's after a
hr
).
I don't know about the "Silent mode", but the other might be it. -
blackbird71 last edited by
'Silent mode' usually means the AV continues doing its thing, but it shuts off its normal alert messages along the way. That is, it quarantines or removes files or whatever 'silently'. In terms of avoiding conflicts with other anti-malware, it's doubtful that 'silent mode' will provide any relief. What one needs is some control like 'pause', 'temporarily suspend', etc. Otherwise, you'll have to Google a term like '360 AV turn off' or similar to find out what other users may have done.
-
A Former User last edited by
It takes 360 some ages to scan my archives... :wait:
The question is, can malware insert itself into already existing archives?
There are three types of archives I've come to think of:- programs' archived files, including that of the system;
- the user's own archived files (presumably s/he checked them at some point before archiving already);
- "ready" downloaded archives.
I can think that number 3 might be of risk, but I always check all downloaded files immediately - even if I had uploaded them myself or from "trusted sites".
What about numbers 1 & 2? Can those be of risk?
Does some antimalware software allow for "trusting", skipping scanning some existing files on system? Will it be of sense to apply such "trusting"/skipping?
-
blackbird71 last edited by
There are a number of factors influencing what malware can and cannot do on a computer. In general and unless otherwise blocked, malware can insert its own payload files among the various legitimate files collected on drives or within folders - though which drives or folders are more easily accessible for infection is greatly affected by the access compartmenting that occurs when employing the OS's limited user accounts or group-policies for files and folders. In some cases, some legitimate files can even be replaced by similarly-named malicious file versions. However, malware is usually not able to directly and effectively alter the contents of existing complex files without causing corruption that renders the infected file unusable - thus the risk of infection in that manner is considered minimal.
If one is archiving files using an imaging program like TrueImage, Paragon, or similar to create an archive backup file of a drive or a folder of files, malware will only ever appear within that archive if it was already present on the system at the time the archive was created. The malware can't normally infect such an existing archive after it's created. But it can independently infect the drive on which the archive is stored, as noted below. If one is archiving files by directly copying them to a backup drive or flash-stick, then again, the backups should be clean of malware if the original source folders were clean - except in that case where malware independently infects the drive on which the archive is stored.
When one is archiving files to another drive, either via an image file or directly copying the data files over, existing malware on a system can, in principle, infect that other drive the moment it's connected to the computer. In this regard, a lot depends on how the specific malware is designed; not all malware has the capability, but some does. The deeper the malware hooks into the kernel code of the operating system, the more readily it can replicate itself onto other drives or flash-sticks. If one is storing backups (or even an image file) to another drive, some malware has the capability of infecting that drive directly before the archive file(s) are ever copied onto it. If a persisting stub file from the malware is then somehow able to point back to that instance of itself on the backup drive, it can re-infect the main system as soon as that backup drive is accessed. In the case of malware that infects a disk's MBR, unless that infected drive is deep-reformatted, that malware will survive a mere light-formatting process and potentially call out to its stored instance on the backup drive to reinfect the supposedly-cleaned system all over again as soon as that drive is connected.
However, the most common cause of reinfection for most malware victims is that they discover malware on their system, go to great lengths to clean it all up, then later have other problems requiring a system restore or restoration from a backup set, whereupon the earlier-removed malware suddenly reappears from within the file collection of the archive. This is one of the major reasons it's important to try to figure out how and when any infection has occurred, and to delete any archives or system restore points that occurred between the infection time-point and the point of cleanup. Otherwise, reinfection from the backup set(s) will occur. Obviously, the more backups routinely made and the more careful the system observations by the user, the more quickly he will recognize an infection and be able to minimize the look-back period that has to be discarded before restoring.
Most antimalware allows 'whitelisting' of both files and folders which skips them when scanning. Ordinarily, it's wise to avoid whitelising a folder unless you really, really have to since it gives a sanctuary for malware to hide. In cases where a folder has to be whitelisted, one should use access controls to govern very tightly which user accounts can alter the folder's contents.