Ask our Principal Software Developer anything

Alexandru_BD
Alexandru_BD admin
edited September 2022 in Security Research Team

At Bitdefender, we take great pride in the advanced security solutions we provide, and even greater pride in the success our customers achieve when they use our products. Behind performance and success, there are always committed and resilient Bitdefenders that make things happen.

The developers use their advanced programming skills and design knowledge to build the awarded antivirus that protects so many users worldwide.

Our Q&A spotlight series where community members meet our specialists continues, and this month we’re featuring Cristian AMARIE, a Principal Software Developer at Bitdefender, who will be answering your questions. Here's what he wanted to share with you:

Working in Bitdefender for some years now, mostly doing C++ on Windows, tinkering on operating system's insides, browsers (mostly Chromium) and in general I like to tackle hard Win32 chapters known to man. Outside work, I'm indulging in enormous quantities of coffee, running my own Rock Now Radio station, very large fully upgraded Dawn of War and Starcraft armies, very sharp King's Gambit (white) and Najdorf Sicilian with black and watching everything classic Doom and Quake.

Cristian is also an experienced member of this community, as he joined us back in 2012 and amassed an impressive number of comments over the years.

What would you like to know? Ask your questions in the comments below! ⬇️

Premium Security & Bitdefender Endpoint Security Tools user

Comments

  • Hi Mr. Cristian AMARIE,

    can you tell me if the free version of Bitdefender, which is arousing great interest, will be implemented with some other features? Or whether some advanced security features will be made available and activated?

    Surely Bitdefender Free would give the competition a lot of trouble and increase your user base which would allow, through the various user feedbacks, to also reinforce the defense of paid solutions.

    Also it would be nice and interesting to equip the TrafficLight extension with a good AdBlocker.

    Thank you.

    Greetings.

    Nunzio d'Abbruzzo.

    Nunzio ·

    Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security

  • I need help. In April of this year I purchased the Total Security Pkg from BitDefender. This week I was having my computer run through the diagnostic clinic at Office Max. They say that I have 6 viruses and want $99 to take them off. Shouldn't BitDefender have blocked those viruses? Is there a way to get BitDefender to take them off for me? Also have another question. How do I contact the company to ask questions? This was the only place I could find.

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭

    @Plainswalker7

    Hello.

    First, take screenshot(s) of the issue,

    create a log file on your Windows device using Bitdefender Support Tool, by following these steps:

    and

    create a log file on your Windows device using BDsysLog, by following these steps:

    Next, contact Bitdefender Consumer Support by e-mail:

    with short description of the issue.

    After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.

    Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.

    Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.

    Remember that the screenshot(s) and the log files will help a lot to the support engineers for better and faster investigation on your issue and finding a solution.

    Regards.

  • camarie
    camarie Principal Software Developer BD Staff

    @Nunzio d'Abbruzzo

    can you tell me if the free version of Bitdefender, which is arousing great interest, will be implemented with some other features? Or whether some advanced security features will be made available and activated?

    There are a number of proposals for making few more things available, but I cannot say for sure when (and if) such features will make it into the free version.

    Also it would be nice and interesting to equip the TrafficLight extension with a good AdBlocker.

    You can always try the free trial of Total Security, which contains quite a number of privacy-oriented features - Anti-Tracker which integrates with major browsers, Safepay for a completely isolated environment and VPN. An adblocker, while making website visit more easier, is exactly not a security feature. But point taken.

  • Nunzio ·

    Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security

  • Good morning mr. Cristian AMARIE,

    i ask you to take a look at my following posts which I think will be useful in improving Bitdefender's protection:


    Bitdefender Free - Blocks malware but doesn't always quarantine it:

    https://community.bitdefender.com/en/discussion/92021/bitdefender-free-blocks-malware-but-doesnt-always-quarantine-it#latest


    Bitdefender Free (new version) - suggested improvements:

    https://community.bitdefender.com/en/discussion/comment/313556#Comment_313556


    Thank you.

    Nunzio ·

    Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭

    Hello, Mr. Amarie.

    Can you tell us what is your opinion on the future of malware, in the means of new malware trends and new malware attacks, and will be the malware of the future independent and adaptable, something like AI-driven malware?

    Thank you very much for your answer.

    Kind regards.

  • camarie
    camarie Principal Software Developer BD Staff
    edited August 2022

    @Gjoksi

    Can you tell us what is your opinion on the future of malware, in the means of new malware trends and new malware attacks, and will be the malware of the future independent and adaptable, something like AI-driven malware?

    I think the malware has diverged in the last years (and take these lines more as a personal consideration, being involved in some areas of security but less in others). If initially there were college kids that split files in half just for fun, today malware specializes, much like various gangs specializes (some guys are loan sharks, others steal identities and money, others spam/fishing and so on). There is state-sponsored malware; various groups more or less sponsored by other organizations; small timers; home loners; copy pasters - and I can go on for a while.

    What I can say is, from my (technical) point of view, is that the weakest link is still the user. Social engineering, imperative emails asking for immediate passwords reset, applications not updated/patched, misconfigurations, and the fact the regular user should not be always alert - these are, for a consumer user, the main troubles. This is why we stress this part to the user and various Bitdefender products scan regularly for such indicators that might lead to trouble.

    If some obscure group makes a DNS flood attack on some ISP we might not be able to post or watch movies for several hours, or perhaps a day, but not much else happens at home - while receiving an extortion email, click-me-you-will-see-beautiful-naked-ladies links, or having an unpatched web browser and visiting websites with dynamic content posted by all sorts of people - that is the immediate danger.

    Malware trends - most likely there are tools, proof of concepts, researchers and alikes working around the clock to employ every exotic form of technology, including AI, adaptability, machine learning, or other elaborate forms of saying the code behind is also taking decisions based on various criteria, and not doing the same thing over and over again. Most likely these technologies are used to analyze sample user data uploaded from malware, establishing a some kind of profile and devising a secondary set of attacks based on what the analysis produced, and I think this is where ML/AI is most involved: data analysis.

    After all, a malware can do only a small set of effects: destroy, collect, trick the user to do an action (or, in more elaborate forms, trick the user to create the conditions for subsequent actions), or be itself a host for other dedicated malware by downloading another attack vectors or creating intentional vulnerabilities. I'm sure all these technologies and more are used on the backend - everyone having customers (willing or not) does analyze them - but less so on the end device.

    But on the end-user device, I'm a bit conservative to say if such complex technologies will be used on a large scale. Not for other reason, but the end user does not worth the effort to employ tactics and means too consuming. Although the real world does have (even very old) examples that might contradict me - I'm thinking on one of the oldest malware known, Tremor (first spotted in 1993), which was - at that time - polymorphic, self-modifying, deciding behavior depending on environment, spreading using another executables and a lot of other intelligent techniques - and that was like a lifetime ago before ... almost anything.

    On the business side, I'm afraid I'm not too qualified to comment. I suppose malware is somewhat similar in the techniques with what affects the end-user, only with more emphasis on misconfigurations, user rights and unauthorized data access. Here AI techniques are probably more often involved, reward being much higher for a business malware. But even so, in the end, irrespective of technique, malware is looking for the same vulnerable things: unpatched software, weak passwords, users inserting USB devices in all sorts of places etc.

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭

    @camarie

    Thank you very much for your detailed answer.

    Cheers.

  • @mrmirakhur if you are not here, you are missing out 😀

    Premium Security & Bitdefender Endpoint Security Tools user

  • Nunzio ·

    Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security

  • Flex, @mrmirakhur where are you?! :)

    Intel Core i7-7700 @ 3.60Ghz, 64GB DDR4 || Gigabyte nVIDIA GeForce® GTX 1070 G1 8GB || WD Blue NAND 500GB + 1TB

  • @camarie For some days this anomalous behavior of high hard disk use has been occurring when starting the PC for about 20 minutes ... Can you tell us something? Will the problem be solved?


    https://community.bitdefender.com/en/discussion/93017/bdservicehost-bitdefender-virus-shield-uses-50-of-the-hd-after-every-windows-boot#latest

    Nunzio ·

    Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security

  • camarie
    camarie Principal Software Developer BD Staff

    @Nunzio d'Abbruzzo I'm not sure what happens yet, but let's keep the issue in the corresponding thread.

  • camarie
    camarie Principal Software Developer BD Staff

    @mrmirakhur Thank you for the comments. Quite a list, and the scanning part is not exactly my daily thing, but I'll try to address at least some of them.

    First I want to let you know that all your comments and suggestions were made available to the team. I'm confident we will look into them. While I cannot say at this time what and when we can pick up, we will discuss all of them shortly.

    Now getting into your list. Remember there are zones where I am not writing code and/or I am not directly implicated, so please take what follows as my personal view, and at times not necessarily the best one.

    I personally find the scanning speed of bitdefender for windows to be slow.

    That depends on many factors, but mainly on how the scan is performed. The number of options and depth is quite large, and to compare two products' scan when one is using a handful of flags and the other a lot more will obviously make the first faster; add to this the tradeoffs picked on by various products (how much memory it consumes, if there are CPU/RAM limits etc). That being said, since it's not my dev area, I forwarded this observation to those knowing in detail what happens.

    [...] there should be an option where only user gets to choose whether he wants to delete all the files or disinfect the files [...]

    It looks like a reasonable proposal. But, again, there is a tradeoff. You are a malware researcher, which places you in a small class of power user, and I understand the need for various touches to help you doing your job. On the other hand, this is a consumer product, which means the number of options, while needed, has to be kept in check, otherwise what looks for your natural and helpful might end up as overwhelming and unnecessary complicated for the other 99%.

    [...] Resolution would be very easy. [...]

    It might look this way, but it never is. A list with 10k files introduces a slew of other complications - think virtual lists, pagination; do we keep all the items and the associated data - persistent or not - in memory? how the scrolling behaves? do we risk UI freeze? should we use recordsets? Should we make it paginated? should we implement a filtering, combined with exclusions operators? And the possibilities of ending up with a mini-Excel just for one feature is quickly adding up.

    Think on a web page with 10 or 10000 DIV elements inside: the 10k one surely pushes the DOM limits. Or opening Windows Explorer in a folder with 10k files; one quickly notice what happens when opening a directory containing a large Git repository, for example.

    Don't get me wrong, I would like to have a full search feature, filtering and composing operations, even a scripting feature. But a consumer product have to be simple, and the one-size-fits-all almost never works unless one is targeting a very specific set of users.

    Can the developers try to recheck on the current gui of bitdefender and if possible bring back the old gui of the version 2017/2018

    Well, it's not up the developers - we just implement the UI. That being said, in the Settings page there is the Dark Mode which is similar, with a slightly different theme. Bringing back an old GUI might send a mixed message to the users, but in this matter I am preferring my UI to stay the same for years, the GUI has to evolve as well. The rule of thumb here is not easy to follow - while a product obviously needs to have its own identity, it also needs to integrate with an existing operating system.

    [...] mobile security for android and I have been trying very very hard to get this thing implemented from last 3-4 years but the development team is not approving this [...]

    I am not in touch with the Android team, so I cannot speak for their to-do list. What I can think is again related with what I said above: the product is targeted for users dealing with malware as it comes, one, perhaps a handful at a time, but not thousands. While I understand your use case, as a researcher, it is vastly different than a regular user one and needs available editing tools to perform needed actions, such a feature will probably will not be easily implemented, simply because IMHO its place looks more in a some form of mini-IDE/advanced editor rather than a security product.

    Regards,

    Cristian

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • @camarie if you succeed with the next update, fix the bugs of the USB On Demand Scan not working and also the Safe Search not working with Google.

    Thank you! 🙂

    Nunzio ·

    Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security

  • @camarie why do the Bitdefender AVs use a lot of RAM even at "idle"? Have you ever thought about reducing the percentage of RAM usage? For the latest generation PC, having 8GB of RAM or even more than 8GB the problem does not arise, but PC with lower RAM becomes a little more critical.

    Thank you.🙂

    Nunzio ·

    Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security

  • I recently received two emails (on gmail) that appeared to be from people I know: one from my brother and the other from an old acquaintance from school (50+ years ago). Both carried a lead-in that enticed me to click on them. Anyway, when I clicked on them I was taken to advertising for miraculous gummies. Supposedly got unanamous support from "Shark Tank." When I checked the senders' addresses they were NOT the addresses they were supposed to be.

    So someone has connected me to these senders and sussed out an event I would be interested in.

    I ran a full Bitdefender scan which checked over 2 Million files and turned up nothing suspicious.

    Maybe this is something you might want alert your subscribers about.

  • camarie
    camarie Principal Software Developer BD Staff

    @Nunzio d'Abbruzzo

    if you succeed with the next update, fix the bugs of the USB On Demand Scan not working and also the Safe Search not working with Google.

    I'm not directly aware of the issues, but I'm pushing the questions to the team. Can you elaborate a little on each of them (what is not working, more precisely?).

  • camarie
    camarie Principal Software Developer BD Staff

    @Nunzio d'Abbruzzo

    why do the Bitdefender AVs use a lot of RAM even at "idle"?

    Usually these are automated, scheduled things (things like "check if we need to display an alert", "check if vulnerabilities are present"), update checks, and OS detections triggering various routines (i.e. a new device has connected to USB, a new device appeared on the network etc.). So even if, for example, your PC is doing nothing but someone connects to the same WiFi network you are connected to, an entire array of things might be activated (do we know this device? is it running a known OS? it is a device running a Bitdefender product? etc etc etc). And in top of that, the entire infrastructure of an AV (which is really a suite of executables, engines, scanners etc.) gets complex very quickly because of the myriad of things it implements and being in constant connection with the OS. It's not like a paused game, that I can tell.

    Have you ever thought about reducing the percentage of RAM usage? For the latest generation PC, having 8GB of RAM or even more than 8GB the problem does not arise, but PC with lower RAM becomes a little more critical.

    We do, all the time, but we can do little when the OS requirements moves past 8 GB. Think Windows 7 which had no troubles accommodating AV, Office, browsing, games etc. in this amount of RAM, which is mandatory now for a Windows 10 or 11 doing barely nothing. But point taken, I am thinking on some areas that might enjoy a recheck to make them lighter in terms of memory. At least for discrete tasks, such as vulnerability scan - when comes to Safepay, for example, which is an entire browser, is quite hard to squeeze memory when an entire browser is launched and the webpages are so consuming these days. It's a constant struggle, that much I can tell.

  • camarie
    camarie Principal Software Developer BD Staff

    @Ausearch

    I recently received two emails (on gmail) that appeared to be from people I know: [...]

    I cannot help you much in this thread. I suggest you to post on a more dedicated section (mail, antispam etc.) to get replies that actually can address your specific issue.

  • Great point. Which is why I'm stubbornly still using Windows 7 Ultimate on my home media PC, as my ancient configuration built on LGA775, with a quad intel 6600 and 8 GB of Ram accommodates , without sweating just a bit, everything that I need and runs absolutely flawless (w7, office, BD + VPN, a plethora of games, from FPV to simulators to strategy).

    Fun fact: I've slotted in a new, faster SSD and I've installed W11 + office license (paid, ofc), and besides not recognizing my Auzentech Xplosion sound card, the EXACTLY same hardware barely catches its breath when multitasking. For 5 months now just sits idle , as my boot sequence remained on w7. I'll switch after hardware upgrade.

    Intel Core i7-7700 @ 3.60Ghz, 64GB DDR4 || Gigabyte nVIDIA GeForce® GTX 1070 G1 8GB || WD Blue NAND 500GB + 1TB

  • I noticed that if you insert a USB stick, even if you have the on-demand scan enabled, no scan request pop-up appears. If, on the other hand, real time protection is deactivated and a USB key is inserted, the scan request pop-up appears.

    Nunzio ·

    Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security

  • camarie
    camarie Principal Software Developer BD Staff

    @Nunzio d'Abbruzzo

    I noticed that if you insert a USB stick, even if you have the on-demand scan enabled, no scan request pop-up appears. If, on the other hand, real time protection is deactivated and a USB key is inserted, the scan request pop-up appears.

    Followed up with the guys knowing more than me. I'm not sure how this is supposed to work (I suspect it is by design), but it doesn't hurt to recheck.

  • @Bitdefender developers

    I read that BD will stop providing antimalware support for Windows 7 on 14. january 2023. Does this mean, that only new features won't be implemented, or will Bitdefender suddenly stop providing even definition updates on Win 7 machines ?

    Since I use BTS on Windows 8.1 (which is not a popular OS), I'd like to know, if for windows 8.1 we can also expect a 3 years time (2026), before you drop the support or do you have a shorter time in mind.

  • camarie
    camarie Principal Software Developer BD Staff

    @bluewill I am not aware of a firm date to end support for Windows 7, nor Windows 8.1. Surely it will be announced on the product page (or maybe it was already and I missed that), but from where I stand, we are still supporting and testing Windows 7 at this time.

  • @camarie

    Hi,

    this is the link to Bitdefender's announcement about Windows 7 support: "www.bitdefender.com/consumer/support/answer/32549"

    The article says

    "As of January 14th, 2020, Microsoft announced its end of support for Windows 7. The operating system accounts for an estimated 25% of used Windows desktop versions. ...

    ..... Bitdefender will continue to provide antimalware support to Windows 7 users for the next 36 months, until January 14th, 2023. "

    So, does this Bitdefender's announcement still hold ? If so, windows 7 support should end in less than 5 months. Should this happen, will security definitions suddenly stop updating or will stop only version upgrades ?

    I'm interested, if windows 8.1 will have the same 36 months extra period support (january 2026) or will it be shorter, being this OS much less popular than windows 7 (3% of total PCs).

  • camarie
    camarie Principal Software Developer BD Staff

    @bluewill That looks true. But I would say Windows 7 will be supported a little longer, not for any other reasons but the number of users still running Win7. Anyways, I will ask the business guys and as soon as I have news I will get back.

    The updates will probably not work anyways, since without two critical KBs (those related to TLS and new certificate signatures) nothing will work, and Windows Update on Win7 is dead as well.

    About 8.1 I think it will depend on both time and user base. I will ask this as well.

  • how do I know if the webbprotection is on?

  • Hello @Jorgen,

    You can find detailed information regarding the web protection feature by clicking on the link below:

    While connected, web protection should be displayed like this in the app:

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user

  • JeremyC
    JeremyC
    edited September 2022

    Hello Christian,

    I "fixed" the operating system vulnerability involving automatic login. I then observed the following behavior:

    In windows settings -> Accounts -> Sign-on options I see red text at the top of the page that says "*Some of these settings are hidden or managed by your organization."

    I could not find documentation on what the fix did, so I contacted support and asked what Bitdefender changed. I was told:

    "in this case, through the Vulnerability module and through Bitdefender, those notifications are only informative and once you click on Fix, nothing is happening because Bitdefender does not have the necessary permissions to change such options"

    I know that Bitdefender (and all antivirus) requires deep systems administrative access. Also, I can't imagine the product team would invest time in adding a fix button that does nothing. I really wanted to find the answer so:

    1) I built a fresh machine and installed Bitdefender

    2) I performed vulnerability scan

    3) I used Regshot to capture registry state

    4) I clicked fix

    5) I used Regshot to capture registry state again and compare

    6) I found Bitdefender added following keys:

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableAutomaticRestartSignOn: 0x00000001

    HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System\DisableAutomaticRestartSignOn: 0x00000001

    Recommendations:

    Someone work with leadership team to ensure support has the appropriate knowledge and skills to properly support the product that engineering has built

    Product team should provide documentation on what "fix" does and ensure support team (and customers) have access to that information

    A new feature to undo some of these fixes for low-risk vulnerabilities would be a "nice to have"

    Personally, I think that Bitdefender is an awesome product! I just noticed a disconnect between engineering and support that, if fixed, would make the customer experience much better.

    Thanks!

    Jeremy

  • camarie
    camarie Principal Software Developer BD Staff

    @JeremyC

    [...] *Some of these settings are hidden or managed by your organization." [...]

    This is displayed by Windows, not by us. It is an indication displayed for certain settings "this might be controlled by n outside admin". Usually this means the computer is joined to a domain (the story is far more complex, involving ActiveDirectory, Group Policy, the presence of certain tools such as Company Portal - or not etc). The documentation of MS itself is not generous as well.

    "in this case, through the Vulnerability module and through Bitdefender, those notifications are only informative and once you click on Fix, nothing is happening because Bitdefender does not have the necessary permissions to change such options"

    It might be the case. Or Vulnerability can change the values, only to be rolled back or reinstated by an administrator ****** or tool in case the device is enrolled in an enterprise. Or indeed it might happen the value remains as set by the vulnerability - it really depends on what policies are present on that machine.

    And the suggestion of be able to undo changes is really interesting. Perhaps also a possibility to ignore some of them by marking them as such and be able to re-bring them later into scan can be useful.

  • Hi Mr. Cristian AMARIE:

    I want to ask how long it will take for the simplified Chinese version of bdts to be launched. Many of our BD fans have waited so long that they no longer use BD's products. I hope BD's software developers can pay attention to the Chinese market. Thank you!

  • camarie
    camarie Principal Software Developer BD Staff

    @MengJi I have to ask the management and the OEM guys, I am not aware of this. Will be back as soon as I know more.

  • Within the next week, I will be getting a new computer. Should I uninstall Bitdefender from this computer and reinstall it in the new comuter? I don't want to have the old computer listed as having one of my five units using the program.

  • camarie
    camarie Principal Software Developer BD Staff

    @Termite If you plan to keep them both and you have free slots in your license, I am recommending to install Bitdefender on both computers. If you plan to exclude the old computer, then install Bitdefender on the newer one.

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭
    edited September 2022

    @Termite

    Hello.

    First, you need to remove the old device (the old computer) from your Bitdefender Central account, by following these steps:

    Then, you should uninstall the Bitdefender program from your old device (the old computer), by following these steps:

    That's all you have to do.

    After that, the old device (the old comupter) will be NOT listed in your Bitdefender Central account as a device using Bitdefender program.

    Finally, you can now install the Bitdefender program on the new device (the new computer), by following these steps:

    Regards.

  • Hello,

    I would like to thank @camarie for hosting this Q&A session with such interesting questions and insightful responses.

    I appreciate your time and I'm very grateful for your valuable contribution to the Bitdefender community!

    I hope you enjoyed this session and I wish to thank everyone for taking part in the event and for posting your questions.

    This Q&A is now closed. 🔒️

    Premium Security & Bitdefender Endpoint Security Tools user

This discussion has been closed.