hi,
everytime i start that application the behavior blocker shows an alert and everytime i check “trust this application” and i choose “run unlimited”. the next time i start that application again the same story…
i tried to add the file to trusted files but it doesn’t help. ??? 88)
update: ok… i finally found it. i added it under advanced settings/security settings/defence +/behavior blocker/exeptions
well hidden and not user friendly at all. then again a alert window showed up the next time. there i confirmed that the application is ok. now it seems not to bother me anymore. why i have to state so many times that the app is trusted? 88) ???
I had the same problem with a program. I would open it, click “Don’t isolate next time”…close the program, re-open it and the program would be sand boxed again.
Can you describe your problem in more detail? What program is causing what alert? What version of CIS are you using? Does the program create new siblings each time it starts? And other details you think may be helpful.
I have the same problem on windows 7 Sp1 with a fresh install of comodo anti virus.
The program is SAP Business One client and it does have a sibling process.
I can see the files in the trusted files list but that does not help.
The only way I could avoid this is by adding it to the exceptions - seems wrong to me.
Anyway the Behavior watch seems buggy to me.
One more thing that might help - the windows 7 is in Hebrew GUI and I had just another program giving me the same problem so its not just the SAP program.
Does SAP business create siblings? In that case give SAP the Installer/Updater policy in Active HIPS rules. That way those created sisblings will get started without alerting the user.
[ol]- HIPS is not enabled at all on these machines
On another machine it works well (Windows 7 SP1 English) and I get a popup for the main process and the sibling only once. Then they are added to the trusted list and everything works.
On 2 other machines (windows 7 SP1 Hebrew) I get problems for SAP and other process that do not have siblings. It seems that on these machines the list of trusted files are not read well or ignored.
the only way to get around this was to add the folders to the exception list[/ol]
When dealing with a lot of sibling processes enabling the HIPS and using the Installer/Updater policy can be helpful; you won’t have to click as much.
- On 2 other machines (windows 7 SP1 Hebrew) I get problems for SAP and other process that do not have siblings. It seems that on these machines the list of trusted files are not read well or ignored.
- the only way to get around this was to add the folders to the exception list
Can you check whether the digital signatures of these executables are intact and whether they are on the Trusted Vendor List?[/ol]
I forgot to tell that you need to look up the file with Explorer to be able to check a signature if present.
Does this mean that comodo can't handle it properly?
When a file is not on the white list you can always add it to Trusted Files yourself when know it to be trustworthy.
It is also possible to ask Comodo to add executables to the white list in Submit Applications Here To Be Whitelisted - 2014. In this topic you can also ask to get a publisher added to the Trusted Vendor List.