Db Free Quarantine Issue
I have used a variety of AV scanners and recently viewed a review of BDF which got extremely high marks. I have it now installed on a lappy and as far as protection goes it seems ok although the lappy does not run for long as I used my DT normally with CIS 2013. However, to do some tests, I did scan a folder (Downloads) which did take about 6 minutes and BDF quarantined without my input one file. However this file is a perfectly legitimate file and the .exe installs a program I currently use on my DT.
What I would like to know, and have been unable to figure out how to do, it to remove the file from quarantine or even better be given an option of what to do with a file that is found by BDF to be of concern requiring it to be quarantined.
I may have just missed something but I don't think so. As an Admin in PC Tech in Paltalk we like to be able to refer good freeware AV programs and suites to users that may not have good protection. Any assistance would be most appreciated.
Comments
-
Hello,
Please send us that file so we can remove detection.
Also, for the issue with the quarantine, I already escalated the situation.
http://forum.bitdefender.com/index.php?sho...st&p=170448
Take care.0 -
Ok, I'll bite. What is the exact process required to send the file which is quarantined?
rather than full path, here I will mention that the file is \shutdownafter2.2\sa.exe
which is a perfectly good file as far as I can see as I use the program on my DT computer daily.
Thanks for the assistance.
Hopefully BD will provide a means by which files that are false positives can be removed from Quarantine and also have a situation where the user can choose what to do with a file rather than auto quarantine. I can do without the latter as long as there is a method to "undo".
Thanks for the assistance.
ah, may I see the solution re the file
well that does not work as because it is under quarantine, I can't share the file or open it so I'll leave the solution to you folk0 -
Hello mur_phy,
Can you send us that application (shutdownafter2.2), I can't download it from the net.
Also send me the gzserv.log file located in the folder where you have installed our AV.
You can send them via http://www.sendspace.com or http://www.mediafire.com and after send me the link or more simply via PM.0 -
Hello mur_phy,
Can you send us that application (shutdownafter2.2), I can't download it from the net.
Also send me the gzserv.log file located in the folder where you have installed our AV.
You can send them via http://www.sendspace.com or http://www.mediafire.com and after send me the link or more simply via PM.
Darn made a goof so have to start again.
here is the SA 3.0 file
the link to the SA site http://www.vcsoftwares.com/sa.html
CIS 2013 did not like the download either onto my DT but I believe that is because of what is at the bottom of this page http://www.vcsoftwares.com/dsa.html
Because those items are optional, I simply decline so not an issue but I suspect both CIS and BD (on my lappy for testing).
I have to go out but when I get back, I'll startup the lappy and get the file you asked for and send it also to you. Because I have SA 3.0. I'm not so concerned about being able to get 2.2 back but I have spoken with others and a concern about using BD freeware is the fact that there is not a means by which one can select to have an item quarantined and more importantly no way to retrieve the file if it got there erroneously.
Hopefully BD will adjust this with an update. Let me know if you still want the file.0 -
Hello,
So I have tested SA 3.0 and there seen to be no problem.
In the log that you sent me, BDAVF quarantined SA 2.2 and not SA 3.0, so may be there is an issue in 2.2 version.
Anyway when I tried to download the file from your link without any AV installed, the browser has reported that it is a suspicious file.
Also I uploaded the file that you have sent (SA.exe) to Virustotal and seems to be also quarantined by other AVs:
https://www.virustotal.com/file/32b62f1f510...ef23a/analysis/
So I believe that SA is not quite a legitime software.0 -
Hello,
So I have tested SA 3.0 and there seen to be no problem.
In the log that you sent me, BDAVF quarantined SA 2.2 and not SA 3.0, so may be there is an issue in 2.2 version.
Anyway when I tried to download the file from your link without any AV installed, the browser has reported that it is a suspicious file.
Also I uploaded the file that you have sent (SA.exe) to Virustotal and seems to be also quarantined by other AVs:
https://www.virustotal.com/file/32b62f1f510...ef23a/analysis/
So I believe that SA is not quite a legitime software.
Hi Cat -- the software seems ok but I believe the concern the scanners have is with the items that are checked by default to add a couple of toolbars. when I installed 2.2 I made sure not to have those items checked and I have been running the program for a couple years quite successfully.
My major concern is with possible other situations when items may get quarantined without any user input or ability to edit the quarantine or put something in a white list from what is listed in quarantine.
So, I guess the question really is -- Will BD be adjusting the program to not do auto quarantines or if it does, allow the user to remove a quarantined item if it is a legitimate item. Currently our PC Tech room is referring folks to AVG, Avast (mostly), some MSE and CIS which is my own main AV suite but I'd like to recommend BD freeware as it is quite simple for users and seems to have an extremely high detection rate.
I will be watching for future reviews of BD Free and hope that they all are equal as the simpler and better an AV scanner is, the better for the average user. Thanks for your assistance in this regard. Also, I'd like to feel comfortable about installing BDF on my wife's computer as although MSE is a set it and forget it program, unfortunately, its detection rate has become very poor.0 -
Hello again mur_phy,
In the next update it will be available the restore option from quarantine.
We are also thinking to add an exclusion list but this is not a priority.
The philosophy of the product is to keep it simple to gain best performance and not to draw attention on it.
Thank you for recommanding further our product.0 -
After doing a reformat and reinstall of W7, I decided to try BD on my DT computer instead of returning to CIS 2013
One additional issue I have found is that if BD blocks a known good website, there does not seem to be a way of accessing the site in any way even if one exits from BD. The website that the PC Tech room has http://surftopctech.com/ and which we use constantly is being blocked. Work that I do related to W8 is being posted by the webmaster to the site and i am now unable to access the site for that and any other items I may wish to view. Because we offer links to many legitimate freeware software, maybe that is the reason. Is there anyway to over ride this block? If not now, could BD please incorporate that into the programs website protection? Maybe at the same time the restore from quarantine is done the update could also have this feature.0 -
Explain the last update, I don't see what has been improved in the quarantine module.
0 -
I have not had anything recently go into quarantine so not sure what differences there may be. However, the link that I posted has been removed from "no go" to "acceptable" it appears as I have been testing it now for a couple of days successfully. I have not checked any of the sites contents however. In the Windows 8 section, more links will be added as the webmaster gets to it and I will be sending him more when he gets all that I have sent to him up to this point. All the links that are there are from tested programs that are all legitimate freeware. Hopefully as time goes on we will also be able to include Betdefender freeware AV scanner.
0 -
Hello Rampant,
This is an intermediary update to prepare the product for the restore option.
I am sure you have noticed that some files are now quarantined and not deleted. And it is true that you can't do nothing with them but just wait a little bit .
Thanks for the feedback.0 -
By the way mur_phy, very nice website you posted, #9, allot of nice resources
0 -
After doing a reformat and reinstall of W7, I decided to try BD on my DT computer instead of returning to CIS 2013
One additional issue I have found is that if BD blocks a known good website, there does not seem to be a way of accessing the site in any way even if one exits from BD. The website that the PC Tech room has http://surftopctech.com/ and which we use constantly is being blocked. Work that I do related to W8 is being posted by the webmaster to the site and i am now unable to access the site for that and any other items I may wish to view. Because we offer links to many legitimate freeware software, maybe that is the reason. Is there anyway to over ride this block? If not now, could BD please incorporate that into the programs website protection? Maybe at the same time the restore from quarantine is done the update could also have this feature.
Hello,
It is true that when the product blocks a web page there is no option to bypass the protection. You can switch off the virus shield and continue at your own risk.
Also the option that you have mentioned is on out do to list but I can't tell you now when it will be available.0 -
Whoops. I posted without reading today's news.
This update is still, more or less, useless, though.0 -
Hi Cat -- unfortunately, the shutdown of BD did not work in this case. I even used C Cleaner to clean all the cache etc and tried again -- no luck. Tried a full reboot and turned off BD again and still no success. The following day however as noted above, SUCCESS in accessing the site. Did grab ahold of the rootkit remover and a user in the room tried it too but nothing occurred with him even though he felt he may have a rootkit. Unfortunately, I was not around later to find out the result of his using tdsskiller or perhaps the malwarebytes rootkit removal tool.
0 -
Been awhile since using the laptop where the file is quarantined. BD did updates and system rebooted and still no method of removing the item from quarantine. Is this request still in the que? Any idea of a time frame for the solution? O/W things seem to work fine with BD free.
0 -
Hello mur_phy,
We are still testing this feature to make sure everything works fine regarding previous release version but I can't tell you a release date right now.0