Hot Take Bitdefender - Task Manager, Realtime and Password Protection Bugs

Ahmed Uchiha

Level 2
Thread author
Feb 5, 2021
57
Hello,
I tried to mess with Bitdefender a few months back and I found that I can disable Bitdefender startup via the Task Manager startup menu, leaving the system vulnerable to threats.
With Kaspersky and ESET I can't do the same; I can't disable them from startup like Bitdefender.

Second, if Realtime is disabled while malware is active in memory and Realtime protection is then re-enabled, it won't detect and remove the running malicious file unless you run a manual scan. Kaspersky and ESET can detect active malware once Realtime protection is re-enabled.

Third, the Bitdefender removal tool can bypass the software's password protection and remove the software without asking the user for the Bitdefender master password. It might be used with malicious code to first remove the software and then deploy the payload.
 

Bot

AI-powered Bot
Apr 21, 2016
4,315
Thank you for bringing this to our attention. We appreciate your feedback and we will forward your comments to our development team. In the meantime, please make sure to keep your Bitdefender and other security software up-to-date and perform regular scans of your system. If you have any further concerns or questions, please feel free to ask.
 

Jonny Quest

Level 21
Verified
Top Poster
Well-known
Mar 2, 2023
1,081
@Ahmed Uchiha As far as the third one, you're right. Enabling password protection does not protect it from being uninstalled. There was even a post by a member where the kids who were under parental controls "bypassed it" by uninstalling Bitdefender, even though the app was password protected. I'm sure your other two points are spot on, but I've never investigated BD that far to know.

Edit: here's a thread regarding that issue.
 

ForgottenSeer 98186

> @Ahmed Uchiha As far as the third one, you're right. Enabling password protection does not protect it from being uninstalled. There was even a post by a member where the kids who were under parental controls "bypassed it" by uninstalling Bitdefender, even though the app was password protected. I'm sure your other two points are spot on, but I've never investigated BD that far to know.

lol, why are the kids running on an administrator Windows account? Why did the parents not create Guest accounts for the kids? Oh wait. The parents (who are probably under age 35) do not know how to create a Guest account. Such skills are not considered essential when it comes to unmanaged home users.

As ridiculous as it is hilarious. :ROFLMAO:
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,861
> I tried to mess with Bitdefender a few months back and I found that I can disable Bitdefender startup via the Task Manager startup menu, leaving the system vulnerable to threats.

I tried this just now in a VM, the "Bitdefender agent" startup task can be disabled via Task Manager but that doesn't stop Bitdefender AV services from running on startup. Bitdefender is still active and detects malware just fine.

> Second, if Realtime is disabled while malware is active in memory and Realtime protection is then re-enabled, it won't detect and remove the running malicious file unless you run a manual scan. Kaspersky and ESET can detect active malware once Realtime protection is re-enabled.

I saw this in two other AV products 3-4 years ago. Can't remember which ones. Never tried it on Bitdefender. I might try this if I find such a sample. Maybe some products immediately scan everything running in memory after enabling protection and some products don't if no malicious activity is observed. They probably have their reasons. Some products take a far more unique approach, like when you disable Avast's real-time and behavior shield the BB doesn't fully shut down. It still monitors everything and will reverse any malicious actions as soon as you enable the behavior shield again. So, everyone has their reasons for doing things in certain ways. But this is probably not a serious issue. A user should not disable the AV to infect the system and expect the AV to immediately clean up all the mess.

> Third, the Bitdefender removal tool can bypass the software's password protection and remove the software without asking the user for the Bitdefender master password. It might be used with malicious code to first remove the software and then deploy the payload.

This is not good and should've been fixed already. The excuse given by BD for this is similar to the unpleasant excuses given by Microsoft regarding Defender's security.
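
Added example, not part of any post in this thread: Task Manager records a startup entry's enabled or disabled state under the `Explorer\StartupApproved\Run` registry key, and the sketch below decodes those values so a disabled security-agent entry can be flagged. It assumes the commonly observed (undocumented) 12-byte layout of a 4-byte flag plus an 8-byte FILETIME; the entry names and sample values are constructed.

```python
import struct
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
APPROVED_RUN = r"Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run"

def decode_startup_approved(blob):
    """Decode one REG_BINARY value: 4-byte flag, then 8-byte FILETIME."""
    if len(blob) < 12:
        raise ValueError("StartupApproved value shorter than 12 bytes")
    flag, filetime = struct.unpack("<IQ", blob[:12])
    disabled = bool(flag & 1)  # assumption from observed values: 02/06 enabled, 03/07 disabled
    when = None
    if disabled and filetime:
        when = FILETIME_EPOCH + timedelta(microseconds=filetime // 10)
    return disabled, when

def make_blob(flag, when=None):
    """Build a constructed value in the same layout (used for the sample data)."""
    ticks = 0
    if when is not None:
        ticks = ((when - FILETIME_EPOCH) // timedelta(microseconds=1)) * 10
    return struct.pack("<IQ", flag, ticks)

def disabled_watched(entries, watch):
    """Return (name, disabled_at) for disabled entries whose name contains a watched term."""
    hits = []
    for name, blob in entries.items():
        if any(term.lower() in name.lower() for term in watch):
            disabled, when = decode_startup_approved(blob)
            if disabled:
                hits.append((name, when))
    return hits

def read_live_entries():
    """Read the machine-wide StartupApproved Run values (Windows only)."""
    import winreg  # imported here so the decoder also runs on non-Windows hosts
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, APPROVED_RUN) as key:
        count = winreg.QueryInfoKey(key)[1]
        return {n: d for n, d, _ in (winreg.EnumValue(key, i) for i in range(count))}

# Constructed sample data; "ExampleAV ..." are hypothetical entry names.
SAMPLE = {
    "ExampleAV Agent": make_blob(3, datetime(2021, 2, 5, 12, 0, tzinfo=timezone.utc)),
    "ExampleUpdater": make_blob(3, datetime(2021, 2, 1, tzinfo=timezone.utc)),
    "ExampleAV Tray": make_blob(2),
}

if __name__ == "__main__":
    for name, when in disabled_watched(SAMPLE, ("ExampleAV",)):
        print(f"startup entry disabled: {name} at {when}")
```

A disabled startup entry only shows that the logon-time agent was switched off; whether the protection services still start, as the VM test above found, has to be checked separately against service state.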
 

Ahmed Uchiha

Level 2
Thread author
Feb 5, 2021
57
> I tried this just now in a VM, the "Bitdefender agent" startup task can be disabled via Task Manager but that doesn't stop Bitdefender AV services from running on startup. Bitdefender is still active and detects malware just fine.
>
> I saw this in two other AV products 3-4 years ago. Can't remember which ones. Never tried it on Bitdefender. I might try this if I find such a sample. Maybe some products immediately scan everything running in memory after enabling protection and some products don't if no malicious activity is observed. They probably have their reasons. Some products take a far more unique approach, like when you disable Avast's real-time and behavior shield the BB doesn't fully shut down. It still monitors everything and will reverse any malicious actions as soon as you enable the behavior shield again. So, everyone has their reasons for doing things in certain ways. But this is probably not a serious issue. A user should not disable the AV to infect the system and expect the AV to immediately clean up all the mess.
>
> This is not good and should've been fixed already. The excuse given by BD for this is similar to the unpleasant excuses given by Microsoft regarding Defender's security.

When I tried to test Bitdefender on my end, it didn't block a malicious website or malware on the system.

ESET and Kaspersky monitor memory and active apps; they can detect active malware in memory once Realtime is enabled again.

Kaspersky also has the same issue with the Kaspersky removal tool, which can be weaponized by a malware creator to corrupt the AV or completely remove it (bypassing AV protection) and then deploy a malicious payload. ESET detects the Kaspersky removal tool as "malicious AV killer".

On top of that, Bitdefender uses a lot of resources: it uses up to 600MB of memory, some malware it can't remove automatically, and finally, when it tries to disinfect a malicious file, it uses a lot of CPU power for a long period of time.
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,861
> When I tried to test Bitdefender on my end, it didn't block a malicious website or malware on the system.

Maybe there was a bug on your installation when you tested. It's fine for me. The system tray icon comes with a delay, and when malware is executed before the system tray icon showed up, it showed that the file is used by another process, which in this case was Bitdefender who was removing the malware. Maybe this behavior is part of Bitdefender's Endpoint products where there might be a policy to hide the agent from systems. But anyway, protection is not compromised as I tested, but it's worth reporting to Bitdefender support.

> ESET and Kaspersky monitor memory and active apps; they can detect active malware in memory once Realtime is enabled again.

Bitdefender paid versions now have an option as part of real-time protection called "Scan process memory". Maybe you should check again since you said you tested a few months ago. Besides, as I said, it's possible that it would have reacted if the process in memory was performing malicious activity.

> Kaspersky also has the same issue with the Kaspersky removal tool, which can be weaponized by a malware creator to corrupt the AV or completely remove it (bypassing AV protection) and then deploy a malicious payload. ESET detects the Kaspersky removal tool as "malicious AV killer".

I know about this. Marcos gave an explanation of why ESET detects this file, which I forgot. I'll have to check.

> On top of that, Bitdefender uses a lot of resources: it uses up to 600MB of memory, some malware it can't remove automatically, and finally, when it tries to disinfect a malicious file, it uses a lot of CPU power for a long period of time.

High memory usage is common for Bitdefender, which has been discussed in the forum many times. It comes down after a few days of usage. It's not a major issue as long as it's not causing issues with other apps. I also don't mind it using high CPU while removing malware. Yeah, its malware removal process is quite slow, similar to Norton. For a fast yet very effective removal process, you'll have to look at Avast.
 

Jonny Quest

Level 21
Verified
Top Poster
Well-known
Mar 2, 2023
1,081
> High memory usage is common for Bitdefender, which has been discussed in the forum many times. It comes down after a few days of usage. It's not a major issue as long as it's not causing issues with other apps. I also don't mind it using high CPU while removing malware. Yeah, its malware removal process is quite slow, similar to Norton. For a fast yet very effective removal process, you'll have to look at Avast.

No doubt, the high memory use does come up, and you're right, give it a couple of days to learn your PC and you should be in the 200-225 MB range, idle. (Total Security).
Task Manager just now:

bd processes.jpg


my pc spces.jpg
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,134
Maybe the solution is here


or here

 

Ahmed Uchiha

Level 2
Thread author
Feb 5, 2021
57
> Maybe the solution is here
>
> or here

It's better that the app is protected without any other third-party software. With ESET, for example, to use their uninstaller you must be in safe mode; this approach is much better.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,134
> It's better that the app is protected without any other third-party software. With ESET, for example, to use their uninstaller you must be in safe mode; this approach is much better.

If BD doesn't allow you to do it, then use other alternatives.
 

piquiteco

Level 14
Oct 16, 2022
624
The Bitdefender Total Security installation file is huge; it already was, and now it got even bigger: 666.3 MB. Every year it gets bigger. I thought Kaspersky and TrendMicro were big, but I was wrong; BDTS beats them all in size. 😲
BD.PNG
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,861
> The Bitdefender Total Security installation file is huge; it already was, and now it got even bigger: 666.3 MB. Every year it gets bigger. I thought Kaspersky and TrendMicro were big, but I was wrong; BDTS beats them all in size. 😲

I think it was 500+ the last time I installed. Looks like the size has increased with the new version 27.
Also, don't forget to delete temp files after installing. These 666.3 MB installation files would remain in temp even after installing the product. Better to manually check for updates after installing, then restart the system, and then remove the temp files and perform a full system scan.
 