Task Killer And Manually Moving File To Quarantine

Charyb
Charyb ✭✭✭
edited April 2012 in Feature request

1. Ability to manually move a suspicious file to quarantine (a file that BD does not recognize as a threat).


2. Task killer/blocker - When a rogue hijacks task manager as well as the rest of your system, this will help to regain control of your system.

Comments

  • Charyb
    Charyb ✭✭✭
    edited April 2012
    1. Ability to manually move a suspicious file to quarantine (a file that BD does not recognize as a threat).


    2. Task killer/blocker - When a rogue hijacks task manager as well as the rest of your system, this will help to regain control of your system.


    I don't know the rules on double posting but I am going to post a correction since I can no longer edit the first post.


    #2 should read "process killer/blocker"

  • rootkit
    rootkit ✭✭✭
    edited April 2012

    Hello :)


    Welcome back.


    Let talk about your feature request:


    1. You can send us the file directly on the Malware Area and I will send it to the labs directly.


    http://forum.bitdefender.com/index.php?showforum=196


    2. This is a great idea, I will forward it to our developers.


    Take care.

  • Rampant
    Rampant ✭✭

    I wish to propose a block antivirus, but I for some reason does not work, the program will still run.


    9sgys.jpg

  • rootkit
    rootkit ✭✭✭

    Hello :)


    Do you have the default settings in the product?


    Take care.

  • Rampant
    Rampant ✭✭

    Antivirus has manual settings, but what does it matter?

  • rootkit
    rootkit ✭✭✭

    Hello :)


    I need to know the level for the Active Virus Control. Is it "Permissive"?


    Thank you.

  • Rampant
    Rampant ✭✭

    AVC - aggressiv, IDS - normal.

  • rootkit
    rootkit ✭✭✭

    Hello :)


    I will run some tests and get back to you with an answer.


    Take care.

  • coolcool1227
    coolcool1227 ✭✭✭
    edited April 2012
    1. Ability to manually move a suspicious file to quarantine (a file that BD does not recognize as a threat).


    Already asked here and waiting for reply.


    2. Task killer/blocker - When a rogue hijacks task manager as well as the rest of your system, this will help to regain control of your system.


    A similar feature was suggested here in point 7, but you suggested in a better way.

  • rootkit
    rootkit ✭✭✭

    Hello :)


    A feature request was posted by Danny regarding Task Manager and Registry Editor.


    Take care.

  • rootkit
    rootkit ✭✭✭

    Hello :)


    I now have a final answer:


    The option to block a specific executable from AVC will block that process if its actions exceed the treshold set by AVC's level (what it would normally do if it weren't added to the exceptions list).


    So, the module is functioning as designed (FaD).


    Take care.

  • Rampant
    Rampant ✭✭

    If it is possible to unlock the process, why not lock it?

  • rootkit
    rootkit ✭✭✭

    Hello :)


    Why do you want to block a valid and legit software?


    You could do this via the Parental Control module.


    Take care.

  • Rampant
    Rampant ✭✭

    I just ran into a situation where a rogue antivirus Bitdefender missed, and I had to block the destruction of its own methods, although it was possible to block the active unit of Bitdefender. Thank you, I have no more questions.

  • rootkit
    rootkit ✭✭✭

    Hi :)


    Welcome back.


    I will talk with my colleagues about this and will add another idea regarding rogue software.


    Get back to you these days with an answer.


    Take care.

  • Charyb
    Charyb ✭✭✭

    I had two rogue antivirus programs install that BitDefender did not detect. The links to these rogues came in a link in my email. I knew what they were and decided to give BD a test. Both definitions and heuristics did not detect. IDS and AVC both set to normal.


    This is why I recommended manually moving a file to quarantine and having the ability to block processes. From quarantine the executable is in a place where it can do no harm and at the same time can be submitted to BitDefender for testing.

  • rootkit
    rootkit ✭✭✭

    Hello :)


    Interesting situation. Have you tried to browse the web in Sandbox?


    Clicking those links in a safe web environment wouldn't affect the PC.


    Also, in order to run a rogue program, you need to download and execute an .EXE file. If you didn't do this, you have software(browser, Oracle java, Adobe Flash) that are too old and exploitable.


    Please make sure that you have the latest versions.


    Take care.

  • Charyb
    Charyb ✭✭✭

    Trust me, everything is always kept up to date. I have used the sandbox and would like to have the option to have the browser automatically sandboxed.


    As for the rogue(s)... Yes, I did download and execute the .exe file. This is what I meant when I stated that I tested BF. I wanted to see if BF would stop the rogue install. It did not.


    Thanks for the response.

  • rootkit
    rootkit ✭✭✭

    Hello :)


    Thank you for your feedback.


    I will send your request to the appropriate department.


    When I have news on this, I will post them here.


    Take care.

All Time Leaders

Categories

Defenders of the month