Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

Activities Virus Control Improved

Options


Been to own tests, AVC and IDS are unable to monitor the following malicious behavior, in order to help improve the AVC and IDS, I propose the following behaviors hope improved. Thank you


Behavior Description: inject code, modify EIP execute their own code, perpetrating a fraud, so that users considered normal process


For example:% WINDIR% \ explorer.exe of Explorer.exe of


Behavior Description: After running delete itself.


Behavior Description: tampering with system files


This AVC unable to detect:% system% \ config \ system.LOG


Behavior Description: Disable Registry Editor


Behavior Description: Disable Task Manager


Behavior Description: Modify function entry point attribute to writable


This AVC unable to detect: ws2_32.dll getaddrinfows2_32.dll gethostbyname!!


Behavior Description: inline hook own process


This AVC unable to detect: xxx.exe WS2_32.dll gethostbyname Ordinal:! 52 HookType: InlineHook


Behavior Description: using the global message hook injected into other processes specified file


This AVC unable to detect:% system% \ ftpdll.dll


Behavior Description: Create a common file system of the same name, suspected of hijacking the normal file system, common in virus behavior


This AVC unable to detect: [shell] - explorer.exe

Comments

  • Hi. I am not entirely sure about this but I think you're referring to File Integrity Monitoring here, not Intrusion Detection. Please correct me if I'm wrong. 1.gif