1 of games I play updated today and even when it’s marked as Trusted it still virtualizes it cause there’s another Untrusted .exe which CIS doesn’t show as most recently seen.
Had to search that 2nd exe (and total of 3rd game file on list) until finally got it working w/o virtualization.
In terms of logic, I find this rather intelligent on the part of comodo. Perhaps not a very good comparison: there are two headlights on the car. One of them no longer shines brightly or not at all. What does the garage or a policeman say?
What if this was a trusted but compromised game and was dropping malicious payloads?
Any Unknown Executable will be virtualized/Contained, no matter where they come from, period!
Its for your safety!
Thanks to this design all our users and customers were protected against Sunburst attack SunBurst : APT against Solarwinds , mapped to Kill Chain – Comodo Tech Talk that caused havoc in the world!
“Comodo is not the nanny of what user do but the nunny of the programs.”
Trusted source and CIS just decided to hide that 3rd item (wasn’t findable w/o search).
Both say that need to be replaced (not that easy on modern cars), other writes nice bill and other writes nice ticket.
Mostly ppls don’t care if they have 1 headlight gone as long as 1 works (pref. driver’s side).
are you saying you can’t find all the Unknown Executables CIS contains?
Well it wasn’t in Top10 First observed files (other 2 blocked were) nor wasn’t in Top10 on Ratings (could been in Top 15).
You can search the file list by clicking the magnifying glass next to where it says File Path.
I know that but like I said it didn’t how on firsties and on contained it only showed executable which had been allowed to run already.
Well it didn’t take long to get another, this time it blocks jdownloader2’s update even after I have whitelisted all 3 related files cis search can find on file list but that 4th (.jar file) is elusive since it appears only briefly in containment.
EDIT: well for some reason dling installer and using it to install latest version cis didn’t contain anything. previous updates (auto) went just fine until newest got blocked.
EDIT 2: 3rd time is charm or something, cis blocked Chrome portable’s installer (downloaded from portableapps)