Bitdefender Services And Startup Entry

LFDD@BDForum

Hello,

I'm running on Windows 7 x64 Ultimate Edition.

Looking for a few more free MB Ram, I notice there are some BitDefender services I don't know :

Appears like process :

- bdagent.exe (startup entry) : BitDefender Agent

- seccenter.exe (don't know where we can manage it) : Bitdefender Security Center

- vsserv.exe (service entry) : BitDefender Security Service

- livesrv.exe (service entry) : BitDefender Update Service

Doesn't appear like process :

- IEShow.exe (startup entry) : locate in C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEShow.exe

- IEShow.exe (startup entry) : locate in C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe

Here is some informations I get on the net :

~ about bdagent :

BitDefender Switch Agent. Startup background task whose role is to ensure that BitDefender continues to work properly and protect your PC when you have Windows XP and there are multiple users defined on your PC and Fast Switching is enabled (Fast Switching is the feature where you can switch to another user profile on your PC without first logging off the current user).

Down to end-user requirements. If you do not have Windows XP, then you can disable this program on the Startups tab. Ditto if you do have Windows XP but Fast Switching is not enabled or you are the only user defined on this PC. In any other scenario, leave this task enabled.

Most importantly, if in doubt, leave this task enabled !

This program is required to run on startup in order to benefit from its functionality or so that the program will work.

So firsts questions : what is bdagent for ? Is it necessary on Seven ? Is the first quote and the relationship with XP true ?

~ about IEShow :

IEshow.exe is actually the Anti-Phishing toolbar from Internet Explorer. If you don't need it, you can remove it from the startup list.

Questions : Is it true ? Why two different location ? If this tool is disable in IE, can I disable the startup entry ?

I've many question but let's start with those one

Thanks for your help !

LFDD

Find more posts tagged with

Comments

alexcrist

Hello LFDD,

So firsts questions : what is bdagent for ? Is it necessary on Seven ? Is the first quote and the relationship with XP true ?

The information from the quotes you posted is extremely outdated. A few years ago (back while BD v10 and older, before 2007), that information was correct. bdagent.exe (actually called BitDefender Switch Agent) was in charge of Fast User Switching (which only existed in XP back then). But since then, in bdagent.exe were integrated multiple tasks, including tasks which were controlled by separate processes. Also, many other features and functions were introduced since then, some of which were also integrated in bdagent.

Long story short: yes, bdagent.exe is an important part of BitDefender products, on all operating systems. It ensures proper communication between different BitDefender modules and also it's a bridge between BitDefender and the user. bdagent.exe is responsible of showing all alerts and information about BitDefender (including realtime virus detection, firewall alerts, or any other alerts/popups). Also, the BitDefender Scan Activity Bar is also managed by bdagent.exe

It is highly recommended to leave bdagent enabled.

Questions : Is it true ? Why two different location ? If this tool is disable in IE, can I disable the startup entry ?

I am not completely sure about IEShow.exe's role. Yes, I know the quote you gave was from a post that I wrote, but that post was written more than 2 years ago. Since then, 2 other BitDefender versions were launched and the architecture changed. I will try to find more exact information about this and get back to you.

However, I can tell you 2 things for sure:

- IEShow is not resident in memory. It runs, then closes. I'm not sure what it's complete role is, but it's related to Antiphishing.

- the 2 locations are there because you're running a 64bit system. The 2 separate instances of IEShow are for 32bit and 64bit. Both have to run on a 64bit system, because most browsers are 32bit (not 64bit). If you had a 32bit system, you'd only have one IEShow.

Cris.

LFDD@BDForum

Thank you very much for your professional answer, it was a pleasure to read it

Hope you will come with more info about IEShow !

But meanwhile, here are a few more questions :

~ about seccenter :

No particular information on the net... I found the quote below (and also that it was a spyware from WinDefender but doesn't concern us )

SECCENTER.EXE has been seen to perform the following behavior:

* Executes a Process

* Registers a Dynamic Link Library File

* Adds products to the system registry

* Reads your outlook address book

* The Process is packed and/or encrypted using a software packing process

* The process hooks code into all running processes which could allow it to take control of the system or record keyboard input, mouse activity and screen contents

* This Process Deletes Other Processes From Disk

* Writes to another Process's Virtual Memory (Process Hijacking)

* Makes outbound connections to other computers using NETBIOSOUT protocols

* This process creates other processes on disk

SECCENTER.EXE has been the subject of the following behavior:

* Created as a process on disk

* Enabled as a COM Object/Server on the Local Machine

* Executed as a Process

* Has code inserted into its Virtual Memory space by other programs

* Terminated as a Process

* Deleted as a process from disk

So is this the "main software", the one I can open in the tray notification ? If not, what is it ? What is the service responsible for its start (can't find it either in services or startup entries) ?

~ about vsserv :

vsserv.exe is a process which forms a critical part of the Bull Guard Internet Security suite and the BitDefender AntiVirus. This application protects your computer against Internet-bound threats. This program is important for the stable and secure running of your computer and should not be terminated.

The vsserv.exe process is a core component of your BitDefender internet security software. If you stop this process, BitDefender will not be able to effectively protect your computer from viruses and trojans, so unless it causes problems with your system you should try and leave it running.

It seems enough to understand it's a very important service ! But, just out of curiosity, what does it do exactly as service ?

~ about livesrv :

As you may already know, "livesrv.exe" is one of the BitDefender update processes and it's main role is to check the update server for new virus signatures, product updates and download them in the update location from your system . That is why you may feel that your computer is sending data all the time. In fact, new virus signatures or product updates are added in the update location.

BitDefender is a security package comprised of an antivirus, firewall and antispam modules. The antivirus module of this application uses a scan engine certified by authorities such as ICSA Labs, Virus Bulletin, Checkmark, Checkvir and TUV. Its firewall module on the other hand allows users to monitor and filter network traffic, regulate cookies and other intrusions to the system. It also has an antispam module that controls spam mails received in your inbox.

It seems clear enough also ! But however, is that service only checking for new virus signatures ? Does it do other tasks like "regulate cookies" for instance ?

Thanks a lot for sharing your knowledges, that is very kind of you !

(and sorry if the english is not perfect, but that's not my native language )

alexcrist

seccenter.exe - main BitDefender Graphical User Interface. It's responsible for showing the BitDefender Security Center window (when you double click the tray icon). It's started by bdagent.exe

vsserv.exe - it's the BitDefender Security Service (or BitDefender Virus Shield). It's in charge of all scanning that's made in your system (including Realtime Protection and OnDemand scans).

livesrv.exe - the update service. Check for all types of BitDefender updates (virus signatures, antispam signatures, antiphishing signatures and product upgrades).

I didn't understand the question about "regulate cookies". Please rephrase.

Cris.

LFDD@BDForum

No matter, you write the answer I was looking for

So, thanks to you, I have no more questions !

Thank you very very much for your help, you have done a quick, precise job, exactly what I expected from you. Thank you.

PS: If you have extra informations about IEShow, please put them here Thk !