[resolved In Bitdefender 2013] Full System Scan

werby3
edited March 2012 in Antivirus

Hi Christian,


I decided to make a "Full System Scan" today with BDIS 2012(15.0.37.1568) on Win7 Ultimate SP1. When it's finished, reported that there were 5 infected files. Three of them were deleted without prompt me or let me choose for an action as for the other two files did (because it could not delete them).


Please tell me, is there any way to avoid this mess or when BDIS performs a "Full System Scan" we have to "cry" for our lost files?


Anyway, users MUST decide what to do with the "infected" files.


P S : In antivirus shield "Deny access" was checked.


Thank you

Comments

  • rootkit
    rootkit ✭✭✭

    Hello :)


    I will run some tests and get back to you on this.


    Have a great day.

  • werby3
    edited April 2012

    Hi Christian, :wub:***


    Any news?


    ***I think our relationship is starting to be close :)


    Good day!

  • rootkit
    rootkit ✭✭✭

    Hello :)


    I will need the scan logs to see what happened in your PC.


    Please follow these steps:


    Click here:


    http://www.bitdefender.com/files/Knowledge...or_scanlogs.exe


    Save the file prior to running it and to continue you need to accept the terms of use.


    At the end of this process an archive will be created on your Desktop starting with bdamst.


    . Send me that file via PM.


    Take care.

  • Link's sent

  • rootkit
    rootkit ✭✭✭
    edited April 2012

    Hello :)


    I have analyzed the logs.


    The following files were resolved delete during the scanning process.


    D:\Temp\stelios\XXXX=>file.exe threatName=Backdoor.Generic.510319


    D:\Downloads\XXXX.zip=>file.exe threatName=Gen:Trojan.Heur.puW@Iy9S99di


    When a full system scan or a custom scan is finished, the user can take actions for the files, but there is a default action checked, maybe you skipped or you didn't change that value.


    Take care.

  • Hi Christian,


    I know that. But, when the scanning finished, reported that there was 5 infected files, three of them deleted and for the other two it asked me for an action. So how can be explained this? And Please believe me that I did not skip any option. Remember, this is an issue that exists from the first day of BDIS2012 release.


    Anyway, this is not the only strange thing that happens with BDIS2012 :)


    Have a nice day!

  • ...and PLEASE REMOVE "quote" from your message...and this message too (if it's possible) :)


    Thank you very very much!!!

  • rootkit
    rootkit ✭✭✭

    Hello :)


    I am going to get some samples from our labs and conduct some tests to see if I can replicate the reported behavior.


    I will get back to you these days with the conclusions.


    Take care.

  • Hi Christian,


    I performed a new "Full System Scan" today and happened again the same. There were three infected files and one of them deleted without prompt. Please see photo bellow.


    THNX

    post-24433-1333902444_thumb.jpg

  • ...also I found something that might be interesting. There are some differencies on Antivirus Shield, before and during "Full system scan".


    Bellow is a photo that shows that.


    Have a nice day :)

    post-24433-1333902727_thumb.jpg

  • (POST #9 RELATED)


    Two files are not deleted because "disinfection failed"

    post-24433-1333903596_thumb.jpg

  • ...on "Custom Scan" (in folder that issues found) everything seems to be OK.


    Please see bellow.


    THNX

    post-24433-1333909727_thumb.jpg

  • rootkit
    rootkit ✭✭✭
    edited April 2012

    Hello :)


    Please run one more time this and send me the archive via PM.


    http://forum.bitdefender.com/index.php?sho...st&p=140002


    Thank you.

  • Link sent


    THNX

  • rootkit
    rootkit ✭✭✭

    Hello :)


    After many discussions I can now provide you an official answer:


    The behavior is normal: the Full Scan has default actions set, opposed to custom scan (you can see that the Full scan tried to take actions on the other 2 files as well, only that the action failed).


    If you want to prevent automatic actions in the future, you need to create a Custom Scan and customize all the options from there to fit your needs.


    Take care.

  • Hello Christian,


    Ok. I got it. Anyway, I run only Custom Scan when I need it.


    But believe me, this is not a normal behavior. Maybe it's a mistake that now it's difficult to be corrected.


    Full and Custom Scan MUST have the same behavior or else user is confused and the result is lost files. Even you didn't know it and I think this is a proof for this abnormal behavior. I really cannot understand the reason of this difference.


    So, if I want to run a Full System Scan but with no lost files, I have to run a Custom Scan checking all drives, options etc. Is it simple??? Is it logical???


    Thank you very much for your answer.


    My Best Regards

  • rootkit
    rootkit ✭✭✭
    edited April 2012

    Hello :)


    Tomorrow I will have the weekly meeting with all my colleagues and I will raise this subject.


    I've mentioned that the behavior is normal in the present because the product was designed to take automatic actions.


    If this will be changed, I only found 2 options: automatically send all files to quarantine by default or prompt the user like in the Custom Scan profile.


    I'll keep you up to date.


    Have a great weekend!

  • Hi,


    That's great. I hope they'll listen to us and fix it, especially for the second option.


    Thank you very very much!


    Have a Nice Sunday :)

  • rootkit
    rootkit ✭✭✭

    Hello :)


    I can tell you for sure that all requests are send to our Project manager, no matter how small they are(like changing color to a button in the main interface).


    When I have fresh information regarding this, I will post here all the details.


    Take care.

  • Hi Christian,


    Any news?


    I've also noticed same behavior (del w/o prompt) with "Autoscan USB media" ON, so I turned it OFF with all this implies, using only contextual scan (asks for action) for USB media.


    Regards.

  • rootkit
    rootkit ✭✭✭
    edited June 2012

    Hello :)


    For now, there are some discussions related to the Auto Pilot and the profiles that need to be implemented in the product.


    These new profiles should not interfere with it and since Bitdefender is a silent product, we need to find a workaround/solution for this.


    I will let you know when I have new details on this.


    Take care.

  • Add option "Prompt for Action" in in all Scan Tasks and in Real Time Protection Settings.

  • rootkit
    rootkit ✭✭✭

    Hello :)


    We will continue the discussion over here:


    http://forum.bitdefender.com/index.php?showtopic=35463


    Thank you for understanding.

  • rootkit
    rootkit ✭✭✭
    edited October 2012

    Hello :)


    This issue has been resolved in Bitdefender 2013 with the build 16.22.xxx


    All the details will be posted in this topic:


    http://forum.bitdefender.com/index.php?showtopic=38212


    Thank you!

This discussion has been closed.