Charyb

Task Killer And Manually Moving File To Quarantine

20 posts in this topic

1. Ability to manually move a suspicious file to quarantine (a file that BD does not recognize as a threat).

2. Task killer/blocker - When a rogue hijacks task manager as well as the rest of your system, this will help to regain control of your system.

Edited by Charyb

1. Ability to manually move a suspicious file to quarantine (a file that BD does not recognize as a threat).

2. Task killer/blocker - When a rogue hijacks task manager as well as the rest of your system, this will help to regain control of your system.

I don't know the rules on double posting but I am going to post a correction since I can no longer edit the first post.

#2 should read "process killer/blocker"

Edited by Charyb


Hello :)

Welcome back.

Let's talk about your feature request:

1. You can send us the file directly on the Malware Area and I will send it to the labs directly.

http://forum.bitdefender.com/index.php?showforum=196

2. This is a great idea, I will forward it to our developers.

Take care.


I wish to propose a block antivirus, but it for some reason does not work; the program will still run.


Hello :)

Do you have the default settings in the product?

Take care.


Antivirus has manual settings, but what does it matter?


Hello :)

I need to know the level for the Active Virus Control. Is it "Permissive"?

Thank you.


AVC - aggressive, IDS - normal.


Hello :)

I will run some tests and get back to you with an answer.

Take care.

1. Ability to manually move a suspicious file to quarantine (a file that BD does not recognize as a threat).

Already asked here and waiting for reply.

2. Task killer/blocker - When a rogue hijacks task manager as well as the rest of your system, this will help to regain control of your system.

A similar feature was suggested here in point 7, but you suggested in a better way.

Edited by ONT


Hello :)

A feature request was posted by Danny regarding Task Manager and Registry Editor.

Take care.


Hello :)

I now have a final answer:

The option to block a specific executable from AVC will block that process if its actions exceed the threshold set by AVC's level (what it would normally do if it weren't added to the exceptions list).

So, the module is functioning as designed (FaD).

Take care.


If it is possible to unlock the process, why not lock it?


Hello :)

Why do you want to block a valid and legit software?

You could do this via the Parental Control module.

Take care.


I just ran into a situation where a rogue antivirus Bitdefender missed, and I had to block the destruction of its own methods, although it was possible to block the active unit of Bitdefender. Thank you, I have no more questions.


Hi :)

Welcome back.

I will talk with my colleagues about this and will add another idea regarding rogue software.

Get back to you these days with an answer.

Take care.


I had two rogue antivirus programs install that BitDefender did not detect. The links to these rogues came in a link in my email. I knew what they were and decided to give BD a test. Both definitions and heuristics did not detect. IDS and AVC both set to normal.

This is why I recommended manually moving a file to quarantine and having the ability to block processes. From quarantine the executable is in a place where it can do no harm and at the same time can be submitted to BitDefender for testing.


Hello :)

Interesting situation. Have you tried to browse the web in Sandbox?

Clicking those links in a safe web environment wouldn't affect the PC.

Also, in order to run a rogue program, you need to download and execute an .EXE file. If you didn't do this, you have software (browser, Oracle Java, Adobe Flash) that is too old and exploitable.

Please make sure that you have the latest versions.

Take care.


Trust me, everything is always kept up to date. I have used the sandbox and would like to have the option to have the browser automatically sandboxed.

As for the rogue(s)... Yes, I did download and execute the .exe file. This is what I meant when I stated that I tested BF. I wanted to see if BF would stop the rogue install. It did not.

Thanks for the response.


Hello :)

Thank you for your feedback.

I will send your request to the appropriate department.

When I have news on this, I will post them here.

Take care.
