I have a custom theme for windows that replaces the typical startbar and borders and background colors and areo effects and ect.
Long story short my explorer.exe and some other windows files were patched by the theme installer and now comodo doesn’t recognize them and when I set the security mode to proactive + autosandbox it is adding system files to the sandbox and when I try to open it everything just lags for a half hour, closes, and restarts.
Is there any way instead of having Comodo put unknown files instantly in the sandbox I could set it to instantly ask me what I wanted to do with unknown files instead? I’ve looked but can not find an option to do this. Please help, I’ve had to uninstall it for now.
currently there is not a way to do this but there is a wish for this in our internal tracker. I really want this to be implemented to so hopefully it comes soon.
Is there any way I could sign up to be emailed when this feature is implemented? Or is there some page where I can check its progress?
Edit: For now I have Hips with enhanced protection mode enabled, autosandbox enabled with run virtually unrecognized turned off, Viruscope set to monitor sandboxed applications only (in case I ever get the sandbox running again), and proactive security on.
Edit again: The second I did that it froze again. I think once I set the files to trusted the issue is that they do not match the database’s definition of “windows files” and run from suspicious locations. So having marked explorer.exe and tskmanager as trusted I’ve turned on autosandbox all unknown files (it is showing 0 unknown files now) and turned off “autosandbox any from suspicious locations” and the crashing seems to have stopped for now.
With unrecognized files autosandboxed that means only files comodo trusts/I tell it to trust should be able to run in the first place so I don’t see a problem with letting safe files possibly run from suspicious locations. I may tinker with this more and change the rule from “any in suspicious locations” to “unrecognized in suspicious locations” and enable it for added security and see if the crashing comes back.
Final edit (I hope): I found out the crashing happens whenever something gets added to the sandbox regardless of if it is a system file or not and that microsoft security essentials crashes whenever I try to update it/close it. So I guess the issue is that the two programs no longer get along. Rip mse looks like I’m using just comodo and mbam pro now.