Bitdefender Internet Security 2020 — a revisit to the autopilot

[Parsh]

I had to go back to Kaspersky. Bitdefender was blocking Steam games updates.

That's weird, I didn't have that problem.
Anyway, it might be the Safe Files & Ransomware Remediation module.

Protected Folders feature did not block my script when testing it before posting the thread. So I went through some forums for understanding it ...
where I read a number of steam users had problems with BD. And the most common cause was Protected Folders against ransomware — that by default governs folders like My Documents (used by some Steam games).
To address this issue, one could set exceptions after verifying the logs (the blocker module and the blocked app) or remove My Documents from Protected Folder, reset Winsock and may be try moving installed games to a different drive if feasible.

 

[blackice]

That's weird, I didn't have that problem.
Anyway, it might be the Safe Files & Ransomware Remediation module.

It could also be country dependent if it’s a firewall block if the IP address for the server in that region does not have a well known reputation.

As for protected folders I save my critical documents in a separate drive and have it protect that folder. Then the default docs folder can be used by steam or whatever else without issue as I don’t have to block it.

 

[Parsh]

It could also be country dependent if it’s a firewall block if the IP address for the server in that region does not have a well known reputation.

I am not sure about AVs doing that. Have you read or seen such a case?

 

[blackice]

I am not sure about AVs doing that. Have you read or seen such a case?

No, and thinking about it...it is probably the file is just too new and BD is flagging it and blocking it with the firewall. You’re probably right.

 

[SeriousHoax]

Then the default docs folder can be used by steam or whatever else without issue as I don’t have to block it.

How do you do that though? The default Documents folder can't be deleted from CFA.

 

[blackice]

How do you do that though? The default Documents folder can't be deleted from CFA.

Well it helps that I use a SUA, it actually only added the admin's doc folder, not my docs folder for the daily user account for some reason. I didn't realize it wouldn't let you remove them. Even if you run as admin?

 

[Parsh]

As for protected folders I save my critical documents in a separate drive and have it protect that folder. Then the default docs folder can be used by steam or whatever else without issue as I don’t have to block it.

How do you do that though? The default Documents folder can't be deleted from CFA.

You mean Protected Folders that @blackice referred to right?
I don't have it installed currently but I can see an option for that (ignore the red highlight)

 

[blackice]

Issues with protected folders are why I never leave CFA on when using WD. I had similar issues with Steam and CFA.

 

[SeriousHoax]

Well it helps that I use a SUA, it actually only added the admin's doc folder, not my docs folder for the daily user account for some reason. I didn't realize it wouldn't let you remove them. Even if you run as admin?

It's a SUA thing then. The remove button is greyed out in Admin account for the default added folders.

 

[blackice]

It's a SUA thing then. The remove button is greyed out in Admin account for the default added folders.
View attachment 237097

I found certain items unchangeable unless I force the interface to run ekevated, but that's on SUA. I'll check if mine are greyed out too this afternoon. It's a module i can live without with backups, but should be able to work properly.

 

[blackice]

@SeriousHoax I just realized you were talking CFA and not BD protected folders. I got screenshots together then looked at the picture in your post and did a facepalm. I had no end of trouble having to add exceptions every time CFA blocked a game save or some other thing. The logs are useable, but not great. I eventually turn CFA off half the time. Now Macrium has image guardian I can have a protected more recent backup that’s not offline. Seems to work well. I’m hopeful that BD file protection is helpful and useable, though @Parsh ’s testing leaves me feeling it may not be as protective as we want.

 

[Parsh]

I’m hopeful that BD file protection is helpful and useable, though @Parsh ’s testing leaves me feeling it may not be as protective as we want.

I am actually not sure about the stance of BD Protected Folders.
Since BD would have allowed me to delete files from a Protected Folder via explorer, I ran a simple script to delete files from a PF. And BD did not block it as I'd shared in a screenshot.
Now it's possible that it deemed the script to be just safe or that it was created and triggered by the user, hence considered safe. I don't know. But I do not think this is a bug - if yes, it would be too big of a hole to be missed.
A good way to verify it would be against some actual malware. Like the recent Chinese RW that CS shared at the hub

 

[SeriousHoax]

I am actually not sure about the stance of BD Protected Folders.
Since BD would have allowed me to delete files from a Protected Folder via explorer, I ran a simple script to delete files from a PF. And BD did not block it as I'd shared in a screenshot.
Now it's possible that it deemed the script to be just safe or that it was created and triggered by the user, hence considered safe. I don't know. But I do not think this is a bug - if yes, it would be too big of a hole to be missed.
A good way to verify it would be against some actual malware. Like the recent Chinese RW that CS shared at the hub

Do you still have Bitdefender installed?

 

[Parsh]

Do you still have Bitdefender installed?

No, I replaced it back with ESET.
I was thinking of running a quick test with a sample on BD. But for professional reasons I'm keeping away from testing malware in any form on my laptop