[resolved, Won't Be Implemented] Dealing With Infection, Discussion Options

[ONT]

What are advantages of dealing with infected files at the end of the scan rather than taking action upon finding the infection?

[Christian]

Hello (IMG:style_emoticons/default/smile.gif)

It is much more elegant to have all the results on a page and take actions for all of them instead to be prompted every few minutes by the product.

With the second option, the scan will have to stop for you to take the action making the scan time even bigger.

So, the actions page will be always at the end.

Also, if an infection is detected by the On Access and resolved, that one won't appear at the final of the scan.

Let me know if you have other questions.

Take care.

[ONT]

Hello (IMG:style_emoticons/default/smile.gif)

It is much more elegant to have all the results on a page and take actions for all of them instead to be prompted every few minutes by the product.

With the second option, the scan will have to stop for you to take the action making the scan time even bigger.

So, the actions page will be always at the end.

Why the scan would prompt or stopped for taking action, if I set the actions already? This situation can be overcome by running two routines at same time, one for detection and the second for action. Although it may consume more resources but would increase the overall scan speed.

Hello (IMG:style_emoticons/default/smile.gif)

Also, if an infection is detected by the On Access and resolved, that one won't appear at the final of the scan.

Take care.

In that case Bitdefender display "action failed (object was not found)", which I faced sometimes.

This post has been edited by ONT: Apr 8 2012, 12:24 PM

[Christian]

Hello (IMG:style_emoticons/default/smile.gif)

Why would someone love to guard the scanning process when can leave it to do the job an get back later to see the results an then take action?

This is a legitimate question...

The scan can not continue if the action is user depended and you will find the scan stopped and waiting for further instructions.

Take care.

[ONT]

Hello (IMG:style_emoticons/default/smile.gif)

The scan can not continue if the action is user depended and you will find the scan stopped and waiting for further instructions.

Take care.

Why the scan can not continue? I rephrase my above post that when an infection found during the scan task, the routine for taking action on the infection opens in an other window and do whatever we set the action and it remain open but in idle state (and becomes active only when another infection is found), while the scan continue in its own window without any interrupt.

[werby3]

Hello ONT

My friend, I think, you want for a very simple and fast routine to become a complicated one where one routine runs over another routine and another routine runs over another routine (if multiple infection) and so on.

"Although it may consume more resources.." what does it make you believe that "..would increase the overall scan speed"?

My Best Regards

[Christian]

Hello everyone (IMG:style_emoticons/default/smile.gif)

I have a scenario: the product prompts the user to take actions after each detection during the Full System scan, but the user is not in from of the PC. In this ideal scenario, the scan will continue and for each detection the user is prompted.

When the user returns, the scan process is finished and he will have to take actions for all the malware.

Isn't this the same thing? It is better to take all the proper actions at the end of the scan and in some cases, you can select one action and apply it to all the discovered malware.

Take care.

[werby3]

...but the user is not in front of the PC...

First of all this is a crime!!!
And then, what if product sending a message to mobile phone and there is the ability to select proper action via that?? (IMG:style_emoticons/default/rolleyes.gif)

P S: Is this a brilliant idea or what? (IMG:style_emoticons/default/biggrin.gif)

Peace and Happiness

[ONT]

Hello ONT

My friend, I think, you want for a very simple and fast routine to become a complicated one where one routine runs over another routine and another routine runs over another routine (if multiple infection) and so on.

Kindly read my above post again.

Hello everyone (IMG:style_emoticons/default/smile.gif)

I have a scenario: the product prompts the user to take actions after each detection during the Full System scan, but the user is not in from of the PC. In this ideal scenario, the scan will continue and for each detection the user is prompted.

When the user returns, the scan process is finished and he will have to take actions for all the malware.

Isn't this the same thing? It is better to take all the proper actions at the end of the scan and in some cases, you can select one action and apply it to all the discovered malware.

Take care.

I am not suggesting this scenario.....just see Eset.

[werby3]

Hello ONT,

Be sure I've carefully read your above post, although you've missed this

"Although it may consume more resources.." what does it make you believe that "..would increase the overall scan speed"?

from my above post.
Anyway, all I try to say is that "The best is the enemy of the good", a rule that Eset, Norton etc. seems to ignore and make our PCs running like a turtle.

Have a nice day.

[ONT]

Hello ONT

My friend, I think, you want for a very simple and fast routine to become a complicated one where one routine runs over another routine and another routine runs over another routine (if multiple infection) and so on.

"Although it may consume more resources.." what does it make you believe that "..would increase the overall scan speed"?

My Best Regards

What I meant was that the detection and action routines run in parallel and not like you said. And regarding your second statement, I simply gives the example of Windows Vista and Windows 7. Windows 7 consumes more resources but faster than Vista.

[werby3]

Hi ONT,

I'm not an expert but I think Vista was a completely failed system. BD is not a failed application although it needs improvement...
So, the worst must have an enemy but the good no.

My Best Regards

[ONT]

The Bitdefender holds the threat while scanning but not in a proper way, because even then the detected threats can become active and are therefore detected by RTP and thus display in the scan logs “failed to perform action (object was not found)” in the end of scan task, which happen sometimes so silently and hiddenly in the previous versions (not sure about 2012) that there was neither any pop-up appear nor indication in the logs for that threat even if they were detected by RTP. So the scan task environment can not restrict the detected threats activity and thus RTP come into play in such situations. This is the real bug of the Scan Task. In my opinion the detected threats during scan task should be kept in the environment which denies accesses to all processes and executions even to RTP.

This post has been edited by ONT: Apr 22 2012, 05:32 AM

[werby3]

Hi ONT,

I've not encountered such a situation till now so, if this happens, I have to agree with you about improvement at this point.
I only remember a threat (I cannot remember the type), 2 months ago, that could not be solved. Although BD deleted it, after restart, it appeared again and again so, I was forced to run "System restore" that finally solved this. I don't know if we're talking for the same thing (I'm not an expert) but I have to thank you for your info!

Have a nice week!

This post has been edited by werby3: Apr 22 2012, 12:23 PM

[Susankool]

better to scan and check results later

[bms1978]

I agree with ONT , because while we finish full scan and we select (Take proper action) , press continue , then disinfection process starts .
Which is taking almost same or half of the time and is very irritating .

Also scan of Removable drive is very slow like .. 8 gb usb flash drive taking 1.5 hr. , after taking proper action it takes the same time again.

many times problem occurs like
1-pc hang
2-pc restarts
3-power failure

Then we have to start full scan again!!


If we select action -> disinfect or quarantine , then in we expect it to happen in any scan

So it is a gentle request to BD people, kindly make disinfection process at the time of scanning which is very convenient and hassle free.
(IMG:style_emoticons/default/unsure.gif)

[JAGUARS]

Me agree too....that the cleaning or disinfection processes takes lot of time in 2012 version especially on the exe files.

[ONT]

Hi ONT,

I've not encountered such a situation till now so, if this happens, I have to agree with you about improvement at this point.
I only remember a threat (I cannot remember the type), 2 months ago, that could not be solved. Although BD deleted it, after restart, it appeared again and again so, I was forced to run "System restore" that finally solved this. I don't know if we're talking for the same thing (I'm not an expert) but I have to thank you for your info!

Have a nice week!

Read this topic for information. And what you mention later, it was the issue that the Bitdefender takes action on the virus e.g delete, but even then the same infected file was remain there. Now it is fixed. I forget the topic posted by user on this forum, but I also experienced this issue. And it is the totally different thing, not what I am discussing.

This post has been edited by ONT: Apr 25 2012, 01:39 PM

[ONT]

Any reply on my post #13.

[Christian]

The Bitdefender holds the threat while scanning but not in a proper way, because even then the detected threats can become active and are therefore detected by RTP and thus display in the scan logs “failed to perform action (object was not found)” in the end of scan task, which happen sometimes so silently and hiddenly in the previous versions (not sure about 2012) that there was neither any pop-up appear nor indication in the logs for that threat even if they were detected by RTP. So the scan task environment can not restrict the detected threats activity and thus RTP come into play in such situations. This is the real bug of the Scan Task. In my opinion the detected threats during scan task should be kept in the environment which denies accesses to all processes and executions even to RTP.

Hi (IMG:style_emoticons/default/smile.gif)

The On-Access is acting normal in a standard malware-antivirus "relationship" (IMG:style_emoticons/default/biggrin.gif)

If the file is caught in memory, the action is instant, why should it wait for the On-Demand task to finish?

Malware can have different components and behavior. When it is discovered bu the On-Access module, the action is instant, as it should be.

Take care.