The last 2 or 3 days when I have updated CIS 4 AV through console I get unclassified malware detections during update process.
I know these are just the signatures being loaded into CIS and the temp file vanishes when complete as it should.
If you block and or quarantine it does the update fail? If you allow it (which i have done then rescan and there is nothing on system) Do we now get into the habbit of deciding which virus signatures we allow and dont?
CIS 4 update path C:\Windows\Temp\CB8223.tmp < this was todays update cav.4461 i think
I dont want to report as a false positive - because these are required signatures for detection - my point is that CIS 4 update shouldnt detect its own update as malware! <<
The other change that has occured in the last 2-3 days - Avira now detects same temp files and deny access. Prior to the last couple of days it would recognize signatures and allow access some how knowing it was database signature updates. (P.S. - before telling me running 2 av’s blah blah blah dont I am fully aware of POTENTIAL conflicts this has nothing 2 do with that)
Needless to say - Avira blocked access - CIS 4 quarantined threat yet CIS tells me update has been successfully updated. CIS 4 Diagnostic says all is running normallly.
System - Windows 7 64 - on-demand - hitman - malwarebytes - A-squared - SAS. I am virus free
The point of my dribble is CIS 4 detects its own update (during update process) as malware threat.