Rootkit Scan

^_^ Hellow,


I was wondering if you can add an option in the main scannig window,"SCAN NOW", to scan the pc for rootkits.It would be much easyer then go to PERSONALIZED SCAN and deploy a scan from there with custom settings.


Other antiviruses have this and it would be better if BITDEFENDER had one.It's much easyer.


You could also add a delete button for history scans from"PERSONALYZED SCAN".With the time it is going to get full and I can't remember the settings or tags of that scan so,I think it useless.Or you could just make bitdefender delete them after a while since the last utilisation.


Thank you.

Comments

  • coolcool1227
    coolcool1227 ✭✭✭
    edited January 2013

    This feature is already requested here, and is declined every time for no convincing reasons and hopefully decline this time also.


    Features Integration Request (Check point 13)


    and


    Please Add Feature: Anti-rootkit


    I am still in favor of the said feature and vote for its implementation in the next release of the product.

  • columbo
    columbo
    edited January 2013

    You've had that request out there for awhile, ONT (1st link, check point #13) It's not real hard to create a personalized Rootkit scan (complete with auto PC shutdown), but for ease of use to have it incorporated right into Bitdefender, might be nice :)


    BDRootkitscan.jpg

  • suditu
    suditu ✭✭
    edited January 2013


    Yes,but how do i know wich sectors,files to scan.Some avs when they scan for rootkits i saw they were scaning drivers.


    Last time when i got a rootkit bitdefender rescue cd found it in C/Windows/System32/drivers.


    The file was "acpy.sys".rootkit SIMBA.A


    The trouble with rootkits is that they are hard to find.If you scan just the critical areas where rootkits often install you might find them but,i want to ask you wich are those areas ?


    I inted to do a rootkit scan which it's not suposed to scan all computer. For Gdata ROOTKITT SCAN lasts 15 minutes or less.


    If bitdefender would do this it would be nice.They can also add a scheduelor for custom scans. :rolleyes:

  • Thanks for the link, ONT :)


    Yes andrei, I agree, and I think that also was ONT's concern in his 1st post of his link provided (correct ONT?) is that for a novice, would be confused on where to scan, target. I myself just selected C:/ drive for the scan.


    So in that sense, I have to agree with the idea of a "predetermined" Rootkit System scan, that is part of the BD scan options.

  • Thanks for the link, ONT :)


    Yes andrei, I agree, and I think that also was ONT's concern in his 1st post of his link provided (correct ONT?) is that for a novice, would be confused on where to scan, target. I myself just selected C:/ drive for the scan.


    So in that sense, I have to agree with the idea of a "predetermined" Rootkit System scan, that is part of the BD scan options.


    You got my point columbo, on one side they are designing the product (silent security) for novice users and on the other side there are some lacking for them also.

  • suditu
    suditu ✭✭
    edited January 2013
    You got my point columbo, on one side they are designing the product (silent security) for novice users and on the other side there are some lacking for them also.


    It can't be so hard to add a rootkit scan task.They have just to introduce the scan tags and atach it to the scan option.


    A programmer in c++/c can do this in a short time.This is no hard job .


    In Visual Basic is eaven less complicated.


    Advantages are :no big scanning time needed,scan just for rootkits and then if a rootkit is found you can run a full ,long scan.


    I can't understand why they haven't added a rootkit scan task.


    Bitdefender is so easy to use that eaven a 5 years old kid can use it,and then ,why not such a scan ?


    User mode and autopilot mode ,both,need a bit of improvement.

  • Thanks for the link, ONT :)


    Yes andrei, I agree, and I think that also was ONT's concern in his 1st post of his link provided (correct ONT?) is that for a novice, would be confused on where to scan, target. I myself just selected C:/ drive for the scan.


    So in that sense, I have to agree with the idea of a "predetermined" Rootkit System scan, that is part of the BD scan options.


    You can add just C:/Windows.Usually rootkits are trying to hide things from av's,but not in a normal way from folder options,i think rootkits interact with the kernel by infecting drivers.


    acpy.sys is ACPI driver for NT and is a system driver digitally signed by Microsoft.


    I'll create a custom rootkitscan by importing targets from mbar{Malwerebytes antirootkit} witch are boot sectors ,drivers,Driverstore.


    See the image.


    post-123065-1357977056_thumb.png

  • Hello :)


    You can scan and remove rootkits using Rescue Mode:


    http://forum.bitdefender.com/index.php?showtopic=31833


    Take care.