Advice Request Bitdefender vs Avira Database

[AtlBo]

Thanks:

Update time: Tue Jun 6 02:40:11 2017
Signature number: 8779889
Update time GMT: 1496706011
Version: 7.71732

No idea why windows search doesn't turn up the file searching date...

 

[mekelek]

so tldr: Avira resells outdated definition database meanwhile Bitdefender updates theirs.

why am i not surprised.

 

[roger_m]

so tldr: Avira resells outdated definition database meanwhile Bitdefender updates theirs.

No, the problem is that 360 is slow to update the Avira definitions. I just opened Glarysoft's Malware Hunter and did an update, and it then had Avira signatures from today.

For as long as I can remember, 360 products have at times had issues with updates being delayed.

 

[mekelek]

No, the problem is that 360 is slow to update the Avira definitions. I just opened Glarysoft's Malware Hunter and did an update, and it then had Avira signatures from today.

For as long as I can remember, 360 products have at times had issues with updates being delayed.

or they're licensing a different package that has older sigs.
why would they delay Avira's but have Bitdefender properly.

 

[Parsh]

Looks at least like Bitdefender defs are being updated:

View attachment 154283

Opening file no header to read, but maybe there is one with a header. Searched the contents of the BD plugin folder where I found what I think are the BD defs but it didn't find anything using the word date. Nonetheless this database looks far more extensive than the Avira one.

Look for filename "update_BD.txt". Try making a search with the parent folder (or the outermost updates folder) and see if you get this file, for date details.
EDIT: had made this post earlier, I see you already found it.

 

[Parsh]

No, the problem is that 360 is slow to update the Avira definitions. I just opened Glarysoft's Malware Hunter and did an update, and it then had Avira signatures from today.

For as long as I can remember, 360 products have at times had issues with updates being delayed.

I updated Malware Hunter Pro after a long time, today. The update does not show any error, it just shows completion of the progress bar (and we assume that the update was clean).
Now when I go to its folder, all the update files are of date 25-05-2017 (the date of installation) and not today.

What today's AV Update log shows:

................
07/06/2017 14:34:59 DESKTOP-SL9IM1V avupdate.exe[4708]: UPD: INFO: #10: Downloading http://216.137.61.41/update/n_vdf/vbase030.vdf.gz to .\tmp\avupdate_tmp_RADz6p\n_vdf\vbase030.vdf.gz
07/06/2017 14:35:00 DESKTOP-SL9IM1V avupdate.exe[4708]: UPD: INFO: #11: Downloading http://216.137.61.41/update/n_vdf/vbase031.vdf.gz to .\tmp\avupdate_tmp_RADz6p\n_vdf\vbase031.vdf.gz
07/06/2017 14:35:15 DESKTOP-SL9IM1V avupdate.exe[4708]: UPD: ERROR: The checksum of the file .\tmp\avupdate_tmp_RADz6p\n_vdf\vbase031.vdf.gz is different than the one specified in the info file

There can be a similar problem with the update process in case of Qihoo, leading to old definitions of Avira.
It will be nice if someone can verify this from the Update LOG of Qihoo 360's AV module (Avira).

 

[roger_m]

@Parsh The update completed for me, and I have 12 files with today's date in the Avira folder. Are you running v1.37.0.69 which was released two days ago?

I remember there was a time few months back when Malware Hunter always failed to download the Avira updates. I had to uninstall and then reinstall it to fix it.

 

[Parsh]

@Parsh The update completed for me, and I have 12 files with today's date in the Avira folder. Are you running v1.37.0.69 which was released two days ago?

I remember there was a time few months back when Malware Hunter always failed to download the Avira updates. I had to uninstall and then reinstall it to fix it.

Mine seems to be the previous version, and I can see a program update available. I'll update and check how it goes.

On a different note, @AtlBo can you please check the Avira 'Update Log' in Qihoo folders to see if any error messages are indicated, like in my case with Glarysoft MH. I suspect that this can be a potential problem in case of Avira engine, that they might need to fix (if present).

 

[davetenay]

Mine seems to be the previous version, and I can see a program update available. I'll update and check how it goes.

On a different note, @AtlBo can you please check the Avira 'Update Log' in Qihoo folders to see if any error messages are indicated, like in my case with Glarysoft MH. I suspect that this can be a potential problem in case of Avira engine, that they might need to fix (if present).

The Avira update log in Qihoo doesn't report anything but this line: Update time GMT: 1496826906.

Anyway I don't think it's an issue with the update, because if you download the Avira definitions file from Qihoo website (which should contains signatures of today June 7) and unzip, it also contains outdated definitions of May 3: Download Free Antivirus | 360 Total Security

Virus Database File
Version: 7.14.3.174
FUP: 1
License date: 3.5.2017
VDF date: 3.5.2017
Minimum engine: 7.9.4.32
Signatures: 12491653
Required linked VDF: 7.14.3.89
Source: 7.14.3.174
Compiler: 1.5.0.4

 

[AtlBo]

Mine seems to be the previous version, and I can see a program update available. I'll update and check how it goes.

On a different note, @AtlBo can you please check the Avira 'Update Log' in Qihoo folders to see if any error messages are indicated, like in my case with Glarysoft MH. I suspect that this can be a potential problem in case of Avira engine, that they might need to fix (if present).

@Parsh

...Same single entry as @davetenay. Maybe this is a case where Qihoo is using a "best of Avira" set of definitions to save some money. No idea what criteria Avira uses for licensing the sigs, but I wouldn't be 100% surprised. As long as the Bitdefender updates are fairly regular I don't see a problem with the combo. However, if it is true that Qihoo uses limited Avira updates, full disclosure certainly could be available from the company. Maybe it is someplace, but I haven't seen it myself or I would have posted on MTs.

 

[Parsh]

@roger_m looks good now. Latest definitions (Signatures: 13117563).

@Parsh
...Same single entry as @davetenay. Maybe this is a case where Qihoo is using a "best of Avira" set of definitions to save some money. No idea what criteria Avira uses for liscensing the sigs, but I wouldn't be 100% surprised. As long as the Bitdefender updates are fairly regular I don't see a problem with the combo, although full disclosure certainly could be available from Qihoo on this. Maybe it is someplace, but I haven't seen it myself.

Not the vbase0xx.vdf file, I'm referring to an update "Log file" that would show all update attempts, whether successful or not. Anyways, from your screenshot, it appears that your update was successful and clean, so there's no need to check.
I wonder what Qihoo has to say about this issue

 

[AtlBo]

@Parsh this is the one I referenced:

C:\Program Files (x86)\360\Total Security\deepscan\SDEng\savapi\update_Avira

Yes, I think Qihoo should know that this happens. I can feedback a link to this thread perhaps. So you think this is likely a bug with 360 or the servers?

 

[Parsh]

@Parsh this is the one I referenced:
C:\Program Files (x86)\360\Total Security\deepscan\SDEng\savapi\update_Avira

Okay, got it. Can you share that log file here?

Yes, I think Qihoo should know that this happens. I can feedback a link to this thread perhaps. So you think this is likely a bug with 360 or the servers?

Yeah! Well if the logs show that the updates have been performed successfully without any errors in connectivity or file checking (verification) issues, that indicates that the files were downloaded just right, and there was some problem installing the update.
However, we cannot be fully sure about this. The servers referred must be according to the API/module kit of Avira engine being used and there should be no trouble fetching or rather connecting to the right servers with the necessary latest definitions.
Glarysoft (latest version) has no problems updating Avira with the latest data. Hopefully, Qihoo is using the latest available/working Avira interface like Glarysoft. Let us leave this for Qihoo to troubleshoot.

 

[AtlBo]

Let us leave this for Qihoo to troubleshoot.

Here is all that is in the file as @roger_m noted:

Update time GMT: 1496826906

It's showing no attempt whatsoever to update. Think I agree with @roger_m that the reason for the age of the defs is not 360s update mechanism. Likeliest then it has to do with Qihoo's agreement with Avira. I agree let Qihoo sort it out. Thanks.

 

[davetenay]

Here is all that is in the file as @roger_m noted:

Update time GMT: 1496826906

It's showing no attempt whatsoever to update. Think I agree with @roger_m that the reason for the age of the defs is not 360s update mechanism. Likeliest then it has to do with Qihoo's agreement with Avira. I agree let Qihoo sort it out. Thanks.

I also think it has to do with agreement between the two parties.

 

[mamamia]

In conclusion, Avira engine is not updated from several weeks.

 

[AtlBo]

Certainly appears to be the case. Could be Qihoo is using the Avira signatures of the most dangerous past malwares or maybe PUPs. Can't say for sure what Qihoo is doing with Avira it just appears to be something along those lines.

 

[mamamia]

Qihoo replied to an user about this issue (via Facebook):

"Sorry for the inconvenience.
Our tech team would like to solve the issue through a remote troubleshooting.
Can you tell us when you will be available? ( your time zone and available time)

Also, please download TeamViewer, a third-part remote support tool, for remote check.
https://download.teamviewer.com/download/TeamViewerQS.exe

After running the tool, please provide the ID and Password on the tool so our tech team can connect to your computer.

Thank you,
Joyce".

 

[jamescv7]

Two different characteristics.

1) Avira is known for rapid database delivery hence it can gather the most sophisticated threats, considering the fact where it relies own from Cloud itself. (none almost from BB or other modules).

2) Meanwhile Bitdefender provides balance on delivery, which why it undergone not only on typical Cloud analysis but also on other tools like Ai or sandbox emulation technique.

 

[davetenay]

Qihoo replied to an user about this issue (via Facebook):

"Sorry for the inconvenience.
Our tech team would like to solve the issue through a remote troubleshooting.
Can you tell us when you will be available? ( your time zone and available time)

Also, please download TeamViewer, a third-part remote support tool, for remote check.
https://download.teamviewer.com/download/TeamViewerQS.exe

After running the tool, please provide the ID and Password on the tool so our tech team can connect to your computer.

Thank you,
Joyce".

Don't understand what issue they want to solve since the problem is not on the user but on Qihoo side that releases outdated definitions.