Bitdefender should respect user instruction to eject media by stopping scan of external drive

I have Bitdefender Internet Security ("BIS"), version 26.0.18.75, running on Windows 8.1 x64.

A couple of weeks ago I had plugged in an external USB flash drive. After copying a file or two, I requested through the Windows system tray to eject the medium. To my surprise I was told that the device couldn't be ejected (or shouldn't be unplugged), because it was still in use.

Only after closing down a variety of applications that had been open I finally realised that it was in the process of being automatically scanned by BIS.

I have no problem with BIS scanning external media automatically. And I am aware that alternative preferences could be set by the user, per https://community.bitdefender.com/en/discussion/92085/usb-drive-scanned

However, to me such scans should be treated more like a background process to be done where available, while it doesn't interfere with the user experience. So I would prefer that when the user explicitly asks Windows to be able to eject the device, BIS could (somehow) receive that message and stop the scan in order to release the device.

Just to throw in one more analogy, I would expect it to work a bit like a task to defragment a disk during idle periods.

1 votes

In Review · Last Updated

Comments

  • Flexx
    Flexx mod
    edited July 2022

    While your feedback is welcomed but personally I do not see this as a useful feature to be added to the product. Bitdefender already provides you the option whether you want to auto scan an external usb drive or not.

    Let's see what the admins (@Mike_BD, @Alexandru_BD), moderators & defenders of the month (@Math_Matei, @Gjoksi, @Scott) think of your feedback.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Hello.

    Well, @mrmirakhur is absolutely right!

    Sorry to say, but i also don't see any point of adding that feature to any Bitdefender program for Windows.

    In other words, the feature will be useless.

    But, that's just my opinion, maybe someone else has different opinio.

    Regards.

  • Scott
    Scott ✭✭✭✭✭
    edited July 2022

    I saw this thread, read it over and moved on.

    I'm one of those alternate preference users in that I'm the only one using a USB flash drive on my devices and I know what's on them, so I disabled Autoscan and set it to "ask every time". It works quickly and efficiently in that way getting to the files and folders, then unmounting the flash drive, it's pretty instantaneous (image below). On-access scanning happens very quickly, so I know it's not laboring to scan some opened or simply modified files keeping Windows from waiting for the scan, the process to stop.

    So yes, I agree with @mrmirakhur post.


    All Bitdefender Home Product User Guides: https://www.bitdefender.com/consumer/support/user-guides/

  • DIVERSE
    DIVERSE ✭✭✭


    I guess a lot of victims of viruses "know" what's on their disks, "know" what's attached to the emails they've received, and "know" what they're downloading from various websites?

  • Scott
    Scott ✭✭✭✭✭

    Maybe I'm personally to trusting of Bitdefender's on-access scanning and its Online threat prevention? Point taken.

    All Bitdefender Home Product User Guides: https://www.bitdefender.com/consumer/support/user-guides/

  • DIVERSE
    DIVERSE ✭✭✭

    Thanks, @mrmirakhur, @Gjoksi & @Scott.

    I'm open to the possibility that not everyone will share my view, although I still find the counterview surprising. So much so that I second-guess whether I made my suggestion clear enough.

    First let's talk about the motivation for the feature of scanning USB drives. I might be inserting a USB drive that had previously been plugged in at work, or at the print shop, or at a friend/relative's house. Sure, the on-access scan should be enough to protect me. On the other hand, it'd be nice to get an earlier warning of something suspicious on the USB drive, even before I try to access it. Why? Well, there are several reasons: I might prefer to avoid passing an infected disk to someone; it might be helpful if I could let a friend/relative know that their system is infected; perhaps for some reason there's a future period of time when BIS isn't running on my own computer; .... But I'm not scanning in such a way that I want to make it my number one priority — if so, I would manually open up BIS and explicitly request the most rigorous scan. I just want the scanning to happen in the background while the computer is running and the USB drive is plugged in, without causing undue interference with the tasks I'm doing in the foreground. I'm looking to get a small benefit (mitigating an unlikely risk) at minimal cost (automatic task running 'invisibly' in the background).

    The current behaviour of locking the USB drive so that it can't be safely ejected until the scan is finished (or manually aborted) sounds as though it could only be useful for some poor lackey who sits in a windowless room and whose sole job all day long is to plug in and scan USB drives (to completion), in which case automating the initiation of the scan would be a marginal convenience. And in which case preventing this unfortunate soul from ejecting before completion of the scan would avoid incomplete scans as an absolute priority. I still really can't see that this behaviour would realistically be suitable for anybody in practice.

    Second, let's talk about usability. Suppose we apply the same logic to other applications. I have some web browsers that I might have configured to download updates in the background. And the operating system is configured to defragment disks while idle, and also to run the search indexer. And so on, and so on. In summary, there are a whole lot of tasks that run in the background. Now suppose that it's the end of the day and I want to log off and shut the computer down. However, the OS tells me "Sorry, the system cannot be shut down right now". But it doesn't tell me why. The culprit is anonymous. Apparently it's all my fault, because among all the many background tasks that could be running, and among all the several background tasks that are actually running, I'm supposed to hunt around manually launching the respective web browsers, Control Panel, etc. trying to find the running background task that has locked up the system, preventing the computer from being shut down. I don't think so!!! Computer users would never put up with this.

    So what is different about the current behaviour of the USB drive scanning? To me this should be a background process that is done only when it's convenient. When I request (through the OS) that the media be ejected, then it's because I'm done. I don't want to have to fish around trying to figure out which application has locked up the disk. And once the disk is ejected, the threat it poses to my system disappears.

    One final point: I am not proposing to "add" functionality. I am proposing to change the existing "autoscan" functionality, because I consider the current implementation of the "autoscan" functionality to be flawed.

    Scott has advised that his solution is to disable "autoscan" currently. I wait to hear from any users who love the current "autoscan" behaviour, and who believe that the modified behaviour that I proposed above would somehow be worse for them.

    —DIVERSE

    P.S. The GUI refers exclusively to "flash drives", rather than "USB drives". In principle when I say "USB" I'm open to the connector being Firewire or something else. It's worth noting that the descriptor "flash drives" does not include external USB hard-disk drives — although I wouldn't take it for granted that Bitdefender actually checks the nature of the media before deciding whether to scan or not.

  • @DIVERSE thank you for sharing your thoughts with us.

    I agree with the above opinions on this one. As the antivirus lets you choose whether you wish to auto scan an external usb drive or not, it is unlikely that the developers will consider a change here, in my opinion...

    The developers are considering aspects such as the value the respective feature brings to the average user, as each modification must be designed for both advanced users and less tech savvy users as well, to meet overall requirements.

    The developers always analyze feature requests based on many criteria and some will not be implemented even if they may have low complexity, as long as they do not provide value for a relevant mass of users. So it's always about weighing the pros and cons and finding true value in each new modification brought to the solution set.

    Nevertheless, I am not dismissing the idea from start and will forward your suggestion to our product teams.

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user

  • My "flash drive" is a 400 GB backup drive that only contains files from the notebook that Bitdefender scans. My backup was done 30 minutes ago and I have to leave for an appointment but I can't eject it. All other programs have been closed. What do I do?? Get a different antivirus?

  • devguydavid
    edited April 27

    I realize this is a very old post, but it is still an issue.

    In my case, I am a Mac user of GravityZone for our corporate environment. End users don't have control over the configuration. The original poster is absolutely right — this is a usability issue, especially for the average user. The average user is going to plug in their device, use it, then try to eject it, and find that they can't. Telling them to disable automatic scans is telling them to disable automatic security, and most IT security folks would advise against that. Even if we disabled automatic scans of external devices for our entire organization and configured it to ask every time, how many users will actually let it scan? They are busy and they want their machine to run fast in the moment regardless of the security implications. They will almost always deny the scan.

    Maybe I'm missing something, but unless I can figure this out we will probably need to find another solution.

  • Flexx
    Flexx mod
    edited April 27

    As a business/enterprise user, you should create a new topic. Nevertheless, kindly contact Bitdefender Business Support by visiting https://www.bitdefender.com/support/contact-us.html?last_page=BusinessCategory

    Additionally, @Andrei_S Enterprise from Bitdefender Enterprise team can check on this for you.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Hello @devguydavid ,

    From my point of view there are 2 options on how to approach things in this case:

    • You can try to customize your Policy from On-Demand → Scan Settings → External Devices Scan to be less aggressive and maybe limit the archive depth and archive size as well as the file types included in the scanning based on your risk tolerance. This way you can reduce the scan time.

    OR

    Kind Regards,

    Andrei

  • devguydavid
    edited April 30

    Feature request submitted. Thanks.

  • I found a workaround: when Bitdefender scans automatically a drive, it creates a separate icon for the scan task in the Windows notification area. Currently, I have 2 external drives connected, so I have 3 Bitdefender icons in the notification area. Those scan icons allow you to stop the scan, thus unlocking the device.

    Unfortunately, I hid the Bitdefender icon, so that I had not seen this before. I unhid the scan icons, hoping that this will remind me that BD is locking a drive in the future.

    That said, this is only a workaround. I agree that the best way would be for Bitdefender to cancel the scan and unlock the device when the eject command is detected. Or at least display a message warning the user that a scan is going on.