Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Data leak: Avast Free or Bitdefender Free?
Message
<blockquote data-quote="SeriousHoax" data-source="post: 1120683" data-attributes="member: 78686"><p>I don't think so unless something changed lately <img class="smilie smilie--emoji" loading="lazy" alt="🤔" title="Thinking face :thinking:" src="https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/1f914.png" data-shortname=":thinking:" /> It doesn't match with my own tests. Early last year, I found malwares for which BDTS's memory scanning was triggered shortly after running a malware.</p><p>I ran the same sample in BD Free and the detection occurred at a later stage by BD's behavior blocker ATC, not by memory scanning as it doesn't have it.</p><p>The scan script option in BD is AMSI. BD already has their own script emulation engine so it can scan scripts without AMSI, but AMSI was added later as an additional layer.</p><p>I verified in BD Free that it indeed does not have AMSI. It's easy to check using Process Explorer. In BDTS, BD's own amsi dll named, "antimalware_provider64.dll" is injected into powershell.exe but it wasn't in BD Free.</p></blockquote><p></p>
[QUOTE="SeriousHoax, post: 1120683, member: 78686"] I don't think so unless something changed lately 🤔 It doesn't match with my own tests. Early last year, I found malwares for which BDTS's memory scanning was triggered shortly after running a malware. I ran the same sample in BD Free and the detection occurred at a later stage by BD's behavior blocker ATC, not by memory scanning as it doesn't have it. The scan script option in BD is AMSI. BD already has their own script emulation engine so it can scan scripts without AMSI, but AMSI was added later as an additional layer. I verified in BD Free that it indeed does not have AMSI. It's easy to check using Process Explorer. In BDTS, BD's own amsi dll named, "antimalware_provider64.dll" is injected into powershell.exe but it wasn't in BD Free. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
