Only the subscribers to the payed version are affected. The user of the Free version are not.
True, but that’s just because the free edition doesn’t include Behavioral Blocker (BB)
These things happen. FP's are a necessary byproduct of trying to completely protect a computer using only signature detection. As can be seen, sometimes these signatures can get a bit greedy.
Hi Chiron,
What kind of signatures are you talking about? BB’s do not rely on / not using signatures.
Well, sure we (at least me personally) don’t have detailed info about Avira’s BB flaw in their recent SP
At the same time,... again ...
users must be blamed as well if not in the 1st placeSuch disasters happened in the past and will happen in the future
It was discussed here & in other forums
As soon as any security installed – go through all options and disable auto-quarantine / auto-deletion wherever you can see that
Set those to “Notify” only. You must not allow any security silently quarantine/delete anything
Pay attention to anything considered as a threat which resides in a system area
This way users are protected against such malware as their own security
And we all know (I hope) that even if those important system files are infected indeed – there is no way any security should attempt to quarantine/delete them, since special procedures are needed to deal with such in order to repair/put back the legit ones
As for BB's (no signatures involved) - the rule of thumb is pretty much the same
The thing is that most BB’s (or HIPS - not the same but similar) have just Alerts as a default with Block/Quarantine/Allow/Create Rule/etc. options
Honestly, I was not interested in Avira’s ProActiv behavioral-based monitoring system, therefore I will refrain myself from comments & judging at the moment, but according to common sense – it most likely (or rather should) has similar setting(s) for not blocking/quarantining by default.
Cheers!
p.s. Since it’s offtopic here
That said, I would have hoped that some precautions would have been put in place to at least protect against critical windows system files like this. Hopefully they are now (and as far as I'm aware they already are with Comodo). Comodo does not scan whitelisted files, which should include all Windows files.
can you please PM me some details about this matter in particular
That is interesting, because system files can be poisoned; substituted; dig signatures can be forged … and so on... So how those crucial sys files are whitelised & not “scanned” / or not checked by Defense+/ or theoretically by by so many times promised awaited BB by Comodo
Thanks in advance
Author