[resolved In Bitdefender 2013] Full System Scan

Hi Christian,

I decided to make a "Full System Scan" today with BDIS 2012(15.0.37.1568) on Win7 Ultimate SP1. When it's finished, reported that there were 5 infected files. Three of them were deleted without prompt me or let me choose for an action as for the other two files did (because it could not delete them).

Please tell me, is there any way to avoid this mess or when BDIS performs a "Full System Scan" we have to "cry" for our lost files?

Anyway, users MUST decide what to do with the "infected" files.

P S : In antivirus shield "Deny access" was checked.

Thank you

Find more posts tagged with

Comments

rootkit

Hello

I will run some tests and get back to you on this.

Have a great day.

werby3

Hi Christian, :wub: ***

Any news?

***I think our relationship is starting to be close

Good day!

rootkit

Hello

I will need the scan logs to see what happened in your PC.

Please follow these steps:

Click here:

http://www.bitdefender.com/files/Knowledge...or_scanlogs.exe

Save the file prior to running it and to continue you need to accept the terms of use.

At the end of this process an archive will be created on your Desktop starting with bdamst.

. Send me that file via PM.

Take care.

werby3

Link's sent

rootkit

Hello

I have analyzed the logs.

The following files were resolved delete during the scanning process.

\Temp\stelios\XXXX=>file.exe threatName=Backdoor.Generic.510319

\Downloads\XXXX.zip=>file.exe threatName=Gen:Trojan.Heur.puW@Iy9S99di

When a full system scan or a custom scan is finished, the user can take actions for the files, but there is a default action checked, maybe you skipped or you didn't change that value.

Take care.

werby3

Hi Christian,

I know that. But, when the scanning finished, reported that there was 5 infected files, three of them deleted and for the other two it asked me for an action. So how can be explained this? And Please believe me that I did not skip any option. Remember, this is an issue that exists from the first day of BDIS2012 release.

Anyway, this is not the only strange thing that happens with BDIS2012

Have a nice day!

werby3

...and PLEASE REMOVE "quote" from your message...and this message too (if it's possible)

Thank you very very much!!!

rootkit

Hello

I am going to get some samples from our labs and conduct some tests to see if I can replicate the reported behavior.

I will get back to you these days with the conclusions.

Take care.

werby3

Hi Christian,

I performed a new "Full System Scan" today and happened again the same. There were three infected files and one of them deleted without prompt. Please see photo bellow.

THNX

werby3

...also I found something that might be interesting. There are some differencies on Antivirus Shield, before and during "Full system scan".

Bellow is a photo that shows that.

Have a nice day

werby3

(POST #9 RELATED)

Two files are not deleted because "disinfection failed"

werby3

...on "Custom Scan" (in folder that issues found) everything seems to be OK.

Please see bellow.

THNX

rootkit

Hello

Please run one more time this and send me the archive via PM.

http://forum.bitdefender.com/index.php?sho...st&p=140002

Thank you.

werby3

Link sent

THNX

rootkit

Hello

After many discussions I can now provide you an official answer:

The behavior is normal: the Full Scan has default actions set, opposed to custom scan (you can see that the Full scan tried to take actions on the other 2 files as well, only that the action failed).

If you want to prevent automatic actions in the future, you need to create a Custom Scan and customize all the options from there to fit your needs.

Take care.

werby3

Hello Christian,

Ok. I got it. Anyway, I run only Custom Scan when I need it.

But believe me, this is not a normal behavior. Maybe it's a mistake that now it's difficult to be corrected.

Full and Custom Scan MUST have the same behavior or else user is confused and the result is lost files. Even you didn't know it and I think this is a proof for this abnormal behavior. I really cannot understand the reason of this difference.

So, if I want to run a Full System Scan but with no lost files, I have to run a Custom Scan checking all drives, options etc. Is it simple??? Is it logical???

Thank you very much for your answer.

My Best Regards

rootkit

Hello

Tomorrow I will have the weekly meeting with all my colleagues and I will raise this subject.

I've mentioned that the behavior is normal in the present because the product was designed to take automatic actions.

If this will be changed, I only found 2 options: automatically send all files to quarantine by default or prompt the user like in the Custom Scan profile.

I'll keep you up to date.

Have a great weekend!

werby3

Hi,

That's great. I hope they'll listen to us and fix it, especially for the second option.

Thank you very very much!

Have a Nice Sunday

rootkit

Hello

I can tell you for sure that all requests are send to our Project manager, no matter how small they are(like changing color to a button in the main interface).

When I have fresh information regarding this, I will post here all the details.

Take care.

werby3

Hi Christian,

Any news?

I've also noticed same behavior (del w/o prompt) with "Autoscan USB media" ON, so I turned it OFF with all this implies, using only contextual scan (asks for action) for USB media.