got a serious problem with Defense+ sandboxing perfectly known and safe applications!
What happens is that I open a file for a normally known and trusted application (say: *.txt file with Notepad, or *.doc file with MS Word), and then my computer apparently freezes for quite a while until ultimately loading the app.
After investigating I finally found the culprit: Defense+ is putting those known application into the sandbox and scanning them online (see attached jpg)
WTF???
a) Why on earth is CIS sandboxing such programs like Notepad or Winword? They are known, both to Comodo and to my CIS installation, as I have manually defined them several times as trusted apps. When trying to define them again as trusted, CIS tells me it is already a trusted app…
b) What exactly is being scanned online? The application file? Or worse: the file triggering the opening of the app (i.e. the txt or doc file)? I definitively do NOT want CIS to send any file from my computer (exe or other) to some online scanner without telling me. There is no notification whatsoever, all I see is that CIS is generating internet traffic. HELLO? EXCUSE ME??? Did I miss something? Isn’t a firewall here to exactly stop such behavior from software? Connecting to some unknown mothership and sending files from my computer to some unidentified destination??? Sorry guys, but I’m having a hard time accepting such a behavior from a firewall software, as good intentioned as it may be.
So my questions are:
How to make sure CIS does not sandbox known (and trusted) apps any more?, and
How to stop (or better: impede) CIS from sending files to some online scanner without bringing the whole app to its knees?
This is THE reason I dumped Comodo. I had the same issues as well. On top of those issues, I was sick of seeing that Comodo sent Microsoft processes to the cloud for further analysis, over and over again, even though all of those processes were in the trusted list. My computer was slowed to a crawl just ■■■■ everyday things.
I may not be as protected with Panda Cloud as I was with CIS, but I refuse to have to babysit my antivirus every time I hit the on button. Instead of adding new items like DACS, Comodo needs to fix their current version first!
From my understanding I believe it’s just executables and possible dll’s. So it’s probably just sending the files for microsoft office, etc…
I’ll ask the other mod’s to see if any of them has any more information.
Still, this is probably an installation problem of some sort. A reinstall should solve it. Although you could export your configuration and import it into the new one that may be part of the problem. I’d shy away from trying it, but you can if you want.
When a safe file gets started by sandboxed application the safe file will get sandboxed as well. That may be what is causing the seemingly erratic behaviour being witnessed.
With cloud look up enabled CIS will, when it finds an unknown file, upload its hash code to the cloud to see if it known. When it is unknown it will upload the file. It will not upload .doc or .txt etc but it will upload scripts if I recall correctly.
As Chiron suggested you can export your active configuration. Then try a clean installation. After that you can import it and see what happens. You can then also test it with a clean config as well to see if there is something not right with your settings.
OK, thanks for the explanations. However, the parent app is a trusted one (i.e. Notepad or WinWord), NOT sandboxed, so I still don’t see why that should trigger all that problem.
Anyway, I have reinstalled CIS and will see now what happens.
What version. Keep in mind that CCleaner is regularly updated and that there is always a period where an updated program is not white listed.But when you know you downloaded the new version from a reputable source you can add it to Trusted Files yourself.
CIS also does not recognize RocketDock (old program Dock).