Task Killer And Manually Moving File To Quarantine

Charyb

1. Ability to manually move a suspicious file to quarantine (a file that BD does not recognize as a threat).

2. Task killer/blocker - When a rogue hijacks task manager as well as the rest of your system, this will help to regain control of your system.

Charyb

1. Ability to manually move a suspicious file to quarantine (a file that BD does not recognize as a threat).

2. Task killer/blocker - When a rogue hijacks task manager as well as the rest of your system, this will help to regain control of your system.

I don't know the rules on double posting but I am going to post a correction since I can no longer edit the first post.

#2 should read "process killer/blocker"

rootkit

Hello

Welcome back.

Let talk about your feature request:

1. You can send us the file directly on the Malware Area and I will send it to the labs directly.

http://forum.bitdefender.com/index.php?showforum=196

2. This is a great idea, I will forward it to our developers.

Take care.

Rampant

I wish to propose a block antivirus, but I for some reason does not work, the program will still run.

rootkit

Hello

Do you have the default settings in the product?

Take care.

Rampant

Antivirus has manual settings, but what does it matter?

rootkit

Hello

I need to know the level for the Active Virus Control. Is it "Permissive"?

Thank you.

Rampant

AVC - aggressiv, IDS - normal.

rootkit

Hello

I will run some tests and get back to you with an answer.

Take care.

coolcool1227

1. Ability to manually move a suspicious file to quarantine (a file that BD does not recognize as a threat).

Already asked here and waiting for reply.

2. Task killer/blocker - When a rogue hijacks task manager as well as the rest of your system, this will help to regain control of your system.

A similar feature was suggested here in point 7, but you suggested in a better way.

rootkit

Hello

A feature request was posted by Danny regarding Task Manager and Registry Editor.

Take care.

rootkit

Hello

I now have a final answer:

The option to block a specific executable from AVC will block that process if its actions exceed the treshold set by AVC's level (what it would normally do if it weren't added to the exceptions list).

So, the module is functioning as designed (FaD).

Take care.

Rampant

If it is possible to unlock the process, why not lock it?

rootkit

Hello

Why do you want to block a valid and legit software?

You could do this via the Parental Control module.

Take care.

Rampant

I just ran into a situation where a rogue antivirus Bitdefender missed, and I had to block the destruction of its own methods, although it was possible to block the active unit of Bitdefender. Thank you, I have no more questions.

rootkit

Hi

Welcome back.

I will talk with my colleagues about this and will add another idea regarding rogue software.

Get back to you these days with an answer.

Take care.

Charyb

I had two rogue antivirus programs install that BitDefender did not detect. The links to these rogues came in a link in my email. I knew what they were and decided to give BD a test. Both definitions and heuristics did not detect. IDS and AVC both set to normal.

This is why I recommended manually moving a file to quarantine and having the ability to block processes. From quarantine the executable is in a place where it can do no harm and at the same time can be submitted to BitDefender for testing.

rootkit

Hello

Interesting situation. Have you tried to browse the web in Sandbox?

Clicking those links in a safe web environment wouldn't affect the PC.

Also, in order to run a rogue program, you need to download and execute an .EXE file. If you didn't do this, you have software(browser, Oracle java, Adobe Flash) that are too old and exploitable.

Please make sure that you have the latest versions.

Take care.

Charyb

Trust me, everything is always kept up to date. I have used the sandbox and would like to have the option to have the browser automatically sandboxed.

As for the rogue(s)... Yes, I did download and execute the .exe file. This is what I meant when I stated that I tested BF. I wanted to see if BF would stop the rogue install. It did not.

Thanks for the response.

rootkit

Hello

Thank you for your feedback.

I will send your request to the appropriate department.

When I have news on this, I will post them here.

Take care.