Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Gdata Total Security 2022
Message
<blockquote data-quote="Trident" data-source="post: 1039149" data-attributes="member: 99014"><p>About the damaged database it doesn’t make much sense to have this issue. Database integrity check is performed by looking at catalogue where all relevant file hashes are stored. Every Bitdefender update does this:</p><ul> <li data-xf-list-type="ul">Downloads the new files</li> <li data-xf-list-type="ul">Copies the whole database (in case of massive false positive or another problem the old database can quickly be reverted)</li> <li data-xf-list-type="ul">Renames the old directory incrementing the database version (example from x.y.z.3032 to x.y.z.3033)</li> <li data-xf-list-type="ul">Replaces the relevant files with what’s been downloaded.</li> </ul><p>If something goes wrong in this process, it can’t be that absolutely the whole database is damaged and needs to be replaced — Bitdefender releases frequent updates and at most they modify few files. Maybe G Data for security reasons attempts to redownload the whole database if integrity check failed, but it’s not a great decision, as I mentioned above this database is massive.</p><p></p><p></p><p>Different products have different ways of removing. For AVG/Avast behavioural blocking (the IDP process) always monitors and records (even if you switch it off or you opt not to install it). Once something is detected, the recordings provide the relevant removal information. This can be very easily tested by anyone who has doubt in that. That’s why Avast removal is quick.</p><p></p><p>For Norton, the ERASER (Enhanced Remediation and Side Effects Repair) engine starts checking for other components similarly to Trend Micro but it also checks the journal to establish the threat actions and undo them. This is what delays Norton removal a lot. For example when removing a PUA, Norton will delete all registry entries and will even remove the desktop icon.</p><p></p><p>For Trend Micro, several engines are called. One of them is correlational engine (described also in TM documentation) and the other one is damage cleanup engine + damage cleanup template. The template includes (I have read it in logs that are generated somewhere in TM folders upon removal) many actions, including re-enabling task manager, regedit, UAC to default level. For every detection this sequence of “repair” is performed.</p></blockquote><p></p>
[QUOTE="Trident, post: 1039149, member: 99014"] About the damaged database it doesn’t make much sense to have this issue. Database integrity check is performed by looking at catalogue where all relevant file hashes are stored. Every Bitdefender update does this: [LIST] [*]Downloads the new files [*]Copies the whole database (in case of massive false positive or another problem the old database can quickly be reverted) [*]Renames the old directory incrementing the database version (example from x.y.z.3032 to x.y.z.3033) [*]Replaces the relevant files with what’s been downloaded. [/LIST] If something goes wrong in this process, it can’t be that absolutely the whole database is damaged and needs to be replaced — Bitdefender releases frequent updates and at most they modify few files. Maybe G Data for security reasons attempts to redownload the whole database if integrity check failed, but it’s not a great decision, as I mentioned above this database is massive. Different products have different ways of removing. For AVG/Avast behavioural blocking (the IDP process) always monitors and records (even if you switch it off or you opt not to install it). Once something is detected, the recordings provide the relevant removal information. This can be very easily tested by anyone who has doubt in that. That’s why Avast removal is quick. For Norton, the ERASER (Enhanced Remediation and Side Effects Repair) engine starts checking for other components similarly to Trend Micro but it also checks the journal to establish the threat actions and undo them. This is what delays Norton removal a lot. For example when removing a PUA, Norton will delete all registry entries and will even remove the desktop icon. For Trend Micro, several engines are called. One of them is correlational engine (described also in TM documentation) and the other one is damage cleanup engine + damage cleanup template. The template includes (I have read it in logs that are generated somewhere in TM folders upon removal) many actions, including re-enabling task manager, regedit, UAC to default level. For every detection this sequence of “repair” is performed. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
