CIS - Hidden Sandbox/Virtualization Settings Causing Issue?

At home I’ve just updated from an earlier version of CIS to the most recent (free) version.

I’m running Windows 7 64 bit.

Under the earlier CIS I was using (on the same OE), Mass effect 2 would not run properly (there was no sound in the game) if I set it by default as a trusted application.

If however I simply allowed whatever security requests Comodo asked about during ME2’s boot it would work fine.

This issue seems to have been compounded with the new version of CIS.

After I updated, I ran Mass Effect 2 and unintentionally started it in the new sandbox mode (a new CIS feature I wasn’t aware of until that point).

Of course this wasn’t suitable (the keyboard input wouldn’t work), and I fiddled around and stopped that from happening, but now Mass Effect 2 doesn’t trigger CIS to ask about any security preferences, and it acts much the same way as it did when I use to set it as trusted under the old CIS (no in game sound).

The problem is that there doesn’t appear to be any way for me to permanently reset the security setting as they are apparently stored somewhere in the sandbox cache.

If I add (and subsequently remove) the trusted setting for the ME2 executable in the CIS Defence + area this seems to act as a one-time reset, and the next ME2 boots after that change it starts correctly with sound (it still doesn’t trigger a security query from Defence + though, even if I’ve removed it from the D+ white list).

Obviously this is not something I want to keep doing, and it is something that isn’t working the way that I think you, or your other clients would want.

I can’t be 100 percent sure, but I think a few other things that I unintentionally started in sandbox mode seem to be the same. Not that they don’t work suitably, but rather that D+ no longer queries their security settings even though I never implicitly set any of them permanently, and so the settings seem to be stored and still referenced from the sandbox.

On a related note, while I think the integration of a virtual sandbox mode directly into CIS is a great additional security measure (I’ve been using Sandboxie in a similar manner), but having CIS automatically try to sandbox everything it has no explicit reference for is not wise.

No matter how simple you make the process, understanding and effectively using virtual sandboxes is an advanced security method, and applying it as a one-size-fits-all process is fraught with hazard, and consequently, often self compromising, as most users find that turning it off is easier than trying to understand its quirks and nuances.

A living example of this can be seen with MS’s implementation of the UAC, which is itself a specialised sandbox mode.

I’ve kept the CIS sandbox functional, but turned off all the automatic implementation, so that I can force an application to be sandboxed, but it will never automatically be sandboxed, which I think is the way that it should work by default.

Please post your defense plus event logs, so we can see exactly what is happening.

Meanwhile I will transfer this to help until we establish whether it is a bug or not.

Best wishes