Saturday, October 19, 2013

Back to MS-Security Essentials for now…

In the last GSD post, I made note that I had made the change from Microsoft Security Essentials to Bitdefender Antivirus Free._2013-10-04_19-24-14

The installation process went smoothly. Once on my Win 7 x64 bit system seemed a bit “peppier” after reboots.  For the first week or two I really didn’t notice any issues at all.

Then about two-three weeks in to using it I noticed a little notification that I had 15 files quarantined.

Goodness!

A quick review of the log found that I hadn’t succumbed to an onslaught of malware and viruses due to sloppy computing habits.

No. Bitdefender finally got around to scanning my collection of Windows utilities and found it ripe with all kinds of potentially unwanted software applications. Bad stuff.  Things from NirSoft that let me recover passwords and other things from beloved family members’ systems when they forget their system and email and other account passwords -- among other things. Oh my!

Bitdefender Antivirus Free Edition - Logs_2013-10-04_19-25-21

Here is what a Bitdefender quarantined file looks like.

asterisk logger - FreeCommander XE_2013-10-04_19-27-37

Well, we can’t have that!  So I went though the process of un-quarantining them.

Bitdefender Antivirus Free Edition - Logs_2013-10-04_19-26-00

And quickly I was done.

gc423pge.jby

Yea!

asterisk logger - FreeCommander XE_2013-10-04_19-28-07

Only when I went to use one of them, the executable file refused to run!  Blocked!

Nothing I could do could get it running. It was showing “Excluded” but I just couldn’t run it.

To complicate matters, after a reboot (troubleshooting) Bitdefender appeared to be trying to do a pre-Windows clean and file removal too. Hmm. Turns out that while I was working on that issue, it also found a USB stick I carry these tools on as well and had gone to town on the same file sets on it as well. I had removed the USB stick before reboot so it couldn’t find the files it was looking for. Fortunately the system came up no worse for wear despite some fairly scary language, but my attempts to later un-quarantine the files on the USB drive failed horribly and it refused to find/see them when I tried to exclude them.  Right-clicking the quarantined files and trying to restore them wasn’t successful on the USB drive either.

So I figured I would just re-download the handful of them from Nir Sofer’s website, delete my original files on my C: and USB drives, and put them back in.

Except I was met with a very frightening and ugly warning message in my browser that Bitdefender had identified the NirSoft website as a dodgy and dangerous location and didn’t really want me going there. In fairness, on the Bitdefender Free website, if you dig down on the page it does clearly say that the product does the following:

HTTP Scanning - Protects you from scams such as credit card phishing attempts, Bitdefender Antivirus Free Edition scans all the links you access from your browser and blocks them when they prove to be unsafe.

Unfortunately for me, that was the final straw.

So I uninstalled Bitdefender and reinstalled Microsoft Security Essentials.

Then I had to delete the still not really working “excluded/quarantined” files shown above off both my local hard drive and my USB drive. Luckily I could do that once Bitdefender had been removed and the system rebooted.

Then I downloaded all the “lost” files again from their sources. MSSE caught a few of the Nir Soft downloads but they alerted immediately and I was able to restore/exclude them with no fuss and about 30 minutes later had everything put back together again.

qjiw0nr5.qab

So, I must really be unhappy with Bitdefender right?

Well, it was an inconvenience to say the least, but I’m really not bummed out. If Bitdefender were to make some minor changes to their product, it might still win me back. I really, really, really liked the fast speed and light resources it displayed; particularly in that it made my post-boot and Windows login experience must faster and responsive that when using MSSE.

What I would like to see is a better set of options for controlling and enabling/disabling/fine-tuning features in Bitdefender free.  Unless they are there and I’m totally overlooking them…

  • I want to be able to disable the HTTP scanning.
  • When I restore/exclude a file, I want it to return to full functionality and remain whitelisted for future downloads and execution.
  • I want to exclude portable/external drives from scans when I feel like it.
  • I would like to know when Bitdefender finds something with a real-time pop-up alert and ask me what I want to do then and there…not let me find out about it later.
  • I really would like Bitdefender to warn me at a system shutdown if it has any “pending actions” that it plans to take on the reboot…and let me decide to follow-through with those actions or postpone or cancel that activity.

I guess I just want somewhat more advanced technical control over the operations and fewer headaches putting things back to normal.

Even “basic” MSSE allows me to…

  • Disable scanning of removable drives,
  • Exclude specific running processes from scans,
  • Exclude specific file-types from a scan,
  • Exclude specific files and locations from a scan, and,
  • not fiddle with monitoring and intercepting HTTP traffic to and from my web browser.

Hopefully future versions of Bitdefender Free can incorporate these items.  If so then I’m game and open to give it another shot.

Until then, I’m sticking with MSSE and continuing to recommend it to my own family and IT-support provided friends…unless they are horribly poor with their computing activity and I have to clean their systems more than a few times in a row…only then will I recommend they go to a more powerful (and less flexible) AV/AM solution, and that would be Bitdefender Free over most of the other free AV/AM offerings for Windows systems.

At least for now….

Possibly related:

Cheers,

--Claus Valca

4 comments:

Anonymous said...

Hi,
BitDefender requires me to setup account for accessing antivirus settings, that is why I removed it right after installation.

Unknown said...

I was using MSE for a while now, but now I went back to eSET. If you watch the deal sites like Slickdeals, you can usually pick it up for $20 for 1 year.

Claus said...

@ Anonymous - I was initially a bit concerned about the whole "setup/register" with your email address for BitDefender Antivirus free. However the whole time I have been using it on my primary (and longer in my VM systems) I have never been spammed or contacted by them. So that part seems a non-issue with me. What I also liked about doing so was that by logging in to their website, I could get a console-based operations view of the AV status of all systems that I have it running on that were registered with that account. That's a support feature that is very similar to the advanced features we use at work to manage AV clients across our entire enterprise. Granted, what you can do in the Bitdefender console view is limited by comparison, but it is still a neat feature that I do like. So for me, that was definitely an unexpectedly positive "plus" feature that normally would lead me to reject a product before getting into the starting gate.

@ Adam - thank you for the comment. That's a great recommendation! Many fantastic AV product vendors do offer limited time deals so you can get enhanced product features and support over the freeware versions at a very reasonable prices. Super-small price to pay than time and $ lost after a system infection and recovery.

Cheers

--Claus V.

Anonymous said...

@ Claus - Thank you for answer!
It looks like controlling Flash player on my own machine thru some web interface at Adobe web site. I think it is ridiculous -- to control my local installation from outer space.

Thank you.
Emmm.. Anoynymous :)