It is not correct, it should not be like this.
According to the Comodo Internet Security - Version 8.0 - English - help, in the section
General Tasks –> Introduction → Processing Infected Files
either of the choices “Add to Trusted Files” or “Add to Exclusions” should
permanently stop any further complaints about the file in question:
I can confirm that this also happened to me, when I was using CIS 8.0.
It also happened when I did not scan, but browsed with Windows Explorer to any folder containing a false positive file.
The AV was set to its default; “Stateful”, and so when the real-time AV looked at the file,
it created the pop-up window where it told me that it had found the file to be a threat.
Whenever I chose either “Add To Exclusions” or “Add to Trusted Files”,
the pop-up window went away, just to re-appear a few seconds later.
For me, the only thing I could do to stop these pop-up windows from re-appearing,
was to manually open the list of Exclusions;
Tasks → Advanced Tasks → Advanced Settings → Security Settings → Antivirus Settings → Exclusions
then add the false positive file to the list, and then click OK.
Thanks for your response . . .
So you agree with me when I say that it may be a bug …
I considered several times the possibility of excluding declaring “false positive”, but so I thought I sent the incorrect information to the servers of Comodo. I did not say “false”, but only “not correct”, because as you know, there are some software that integrate some options not really malicious, but determined as such by some antivirus.
I remember that this issue was already CIS 5, so… I think that the development team of CIS should take care of …
Please use the required format.
Also, the attached screenshot does not ilustrate your report very well since you did not select the mentioned action (“Add to Exclusions”). A video might be more suitable, actually.
A. THE BUG/ISSUE (Varies from issue to issue) Can you reproduce the problem & if so how reliably?:
? Yes: simply find an application recognized as suspected by Comodo during a scan. [Sorry for my bad google english :(] If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1:? When the scan of the CIS is finished and CIS has detected one or more malware, you have five choices [single (per item) or global (unique choice for all items identified as suspects)].
2:? these five choices are: “Remove”, “Ignore Once”, “Add safe files”, Report as false positive" and “Add to exclusions”
3:? choosing “Add to exclusions” in subsequent scans the threat is always identified and are again proposed the five choices. Always. One or two sentences explaining what actually happened:
? Quite simply: after selecting the choice “Add to exclusions” the element/elements for which I have decided to add to the exclusions and that the common interpretation of the choice, should no longer be detected by CIS, instead, every time you start a new scan these items (which should be ignored) are replicated each time. One or two sentences explaining what you expected to happen:
? Very simple: if I decide knowingly to accept the risk, because I am convinced that the item is not a real malware, that is not really dangerous, or do not annoys me - for eg. - that the home of my browser is replaced by another, the choice “Add to exclusions” is one that should do for me. unfortunately it does not work as I expect If a software compatibility problem have you tried the advice to make programs work with CIS?:
? Nothing to report Any software except CIS/OS involved? If so - name, & exact version:
? The problem occurs with any software. For example, it can be reproduced with PowerISO 6.0 64bit (http://www.poweriso.com/) Any other information, eg your guess at the cause, how you tried to fix it etc:
? The problem is not solvable. One way “hasty” and “perfunctory” would be to select the “Add files safe” or “Report as false positive”, but I do not seem to be the best choices and / or more correct …
B. YOUR SETUP Exact CIS version & configuration:
? v.220.127.116.1144 dB 20407 - configuration attached . . . Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
? All: D+ (yes), HIPS (yes), Autosandbox (yes), Firewall (custom rules), AV (Optimized) Have you made any other changes to the default config? (egs here.):
? No Have you updated (without uninstall) from CIS 5 or CIS6?:
? No if so, have you tried a a a clean reinstall - if not please do?:
? read on Have you imported a config from a previous version of CIS:
? No… I make manually myself and verified manually step by step correctness, consistency, and congruity with new CIS if so, have you tried a standard config - if not please do:
? I can try, but I’m not very convinced to do it, but I want to continue using my configuration OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
?- Win7 Ultimate 64bit SP1
Ali SEASONIC 80 Plus Platinum 1000W
MB Asus Z97,
CPU INTEL i7 4770K,
RAM Dominator® Platinum with Corsair Link Connector — 1_65V 16GB Dual Channel DDR3 Memory Kit (CMD16GX3M2A2400C10),
VideoCard Palit nVidiA GeForce GTX 770 JetStream
1 HD SAMSUNG SSD 840 (O.S. and program)
2 HD Western Digital Red 1TB RAID 1
1 HD Western Digital Red 1TB redundancy backup
Liquid cooling for all… Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
No… I use Only CIS. My Windows Firewall is disable.
Thanks very much, that’s a good bug report. (I assume you use ? as a prompt not to indicate doubt).
But could you please append an export of your tailored configuration file (Settings ~ General ~ Configurations), as it may be needed to replicate this bug. Also please run diagnostics (Help ~ Diagnostics) and append the file.
(I realise one other person has found this, but I have not observed it on my system, so there may be a config difference.)