Author Topic: Auto-delete by CCE is a potential danger and trouble  (Read 4651 times)

Offline aigle

  • Comodo's Hero
  • *****
  • Posts: 716
Auto-delete by CCE is a potential danger and trouble
« on: November 26, 2012, 12:42:41 AM »
There must be an option so that CCE will not auto-delete suspected/ malicious files. It can just give the report after the scan and then user can decide what to be deleted, what to be quarantined and what to be left alone.

II tried it on one of my laptops and it instantly deleted the audio driver thinking of it as malware. No way to stop this or even get this back. Too bad.

Offline SiberLynx

  • Comodo's Hero
  • *****
  • Posts: 2194
Re: Auto-delete by CCE is a potential danger and trouble
« Reply #1 on: November 26, 2012, 04:12:12 AM »
There must be an option so that CCE will not auto-delete suspected/ malicious files. It can just give the report after the scan and then user can decide what to be deleted, what to be quarantined and what to be left alone...
Hi aigle,

Sure, you are right

Well I am one of those who tested products like and CCE, CTM, & CIS. I was never too vocal about either of those... just few comments
CCE & CTM are dead for me forever

But there were several discussion about CIS and similar strategy by its AV.
Definitely there must be options for just reporting/alerting instead of auto-quarantining/auto-deleting
But at the moment that is going nowhere, unfortunately, because of "popular demands" ... meaning "less alerts"

Hundreds of wishes about making alerts more understandable were simply ignored

Users had accidents like this in the past, now you experienced "it" & users will have much more & more dangerous than just audio driver being deleted ( I don't mean to neglect your current problem by saying that ... I hope you got it right)  
 
TVL/digital signatures/whitelisting is not reliable technology at all at least nowadays (not going into details & OffTopic here. That matter was discussed starting years ago )

So again, probably the developers will change their mind and give us a choice
By "us" I mean two categories of users thinking:
1) I do not care - I do not want  any alerts produced by my security ... do whatever you want: quarantine/ delete/save my system/ or crash my system beyond repair/etc.;
2) I want notifications and proper report saved only. As many Alerts as necessary are fine. Now I have a chance to investigate & make my own decision based on experiences (my own, Comodo developers; 3rd parties)

Cheers!
« Last Edit: November 26, 2012, 04:18:23 AM by SiberLynx »
Main OS - Ubuntu
XP Pro, SP3 (32bit), Admin; Comodo Firewall 3.14.130099.587; Proactive with Defense+; Emsisoft Anti-Malware v9; Sandboxie
Win 7 x64, Admin (UAC off); Win7 advanced FW +TinyWall; Emsisoft Anti-Malware v9; Sandboxie
Win 7 Ultimate 32bit (UAC off); Emsisoft Internet Security v9 beta

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek