I just installed CIS4 last night in Safe Mode and the install went smoothly. I was unable to import my saved configuration (normal mode), however. ??? It was sitting on my desktop before my very eyes and Windows/Comodo just would not list the config file out in the import window so I could “select” it for import. What’s up with that? I tried every thing I could think of. Even moved it to my Documents folder, but nope, no matter how I navigated to it, Win7x64 just couldn’t see it sitting right there on my desktop and list it out in the window!! So I put CIS in Training Mode and opened up all my usual programs so it could learn rules. FW and D+ application rules were created pretty much as expected. Having no problems now.
I notice there is not a “Switch to Installation Mode” link at the bottom of the summary page anymore. I don’t see it anywhere in the new UI. Am I just overlooking it? Or is D+ getting so smart it can read our minds? Haven’t needed to install anything, so not sure if D+ will hit me with tons of alerts at next install or not. Just curious.
i think, the old setting cfg doesnt fit, so it will not be shown as possible loadable cfg.
the global installation mode was more dangerous than usefull. when you install next time a program, you will be asked after you choosed “treat this as an installer or updater” (dont remember my answer), if you would like to switch to installation mode. this could be more related to the installed program, so you dont have to switch to installation mode for, for example a waiting virus somewhere in your machine too.
i usually answer then “no”. i get some more questions, but its not that bad. its half way installation mode. but you can choose “yes”, and it will handle the installation child processes silently, until installation is finished.
i think its a good idea without the old global switch now.
I should have thought about the old 3.13 config file maybe not being compatible with my new CIS 4. Makes sense. You’re probably right.
I’ll see how it goes just using Installer designation. I remember some Windows Updates last year writing so much to the registry Defense+ chirped non-stop until I finally switched it to Installation Mode. But I can accomplish the same thing designating as an Installer, I suppose.
No one can blame you on that since it wasn’t easy to find. (I happen to have a good memory sometimes ^_^). Those changes should’ve been announced with the final version’s change log, especially considering that not everyone is a beta tester or reads the beta corner (must be logged into the forum).
I’m not sure that I like the removal of the installation mode. I think that it worked quite well before, and I liked being alerted when changes to the system such as program installations make were reported and required user consent. It was easy to switch to installation mode, install the software, and then switch to previous mode when prompted. Also, CIS continued to protect the system while in Installation Mode. Now, the program just installs with no user consent.
For example, I deselected the option to trust applications signed by trusted software vendors and tried to install IOBit’s Smart Defrag. The program installed with no alerts (now, I had first installed this before I deselected the option about trusting such signed programs, so it is possible that a rule allowing the installation was created; if so, I’ll need to remove that in order to test this properly). If there were no rules in Defense+ to allow the installation of this program, then I should have received an alert. This concerns me much, as I have been installing version 3.x of the program for quite a while and have many novice customers using it with very few complaints or issues. I am concerned that too many programs are going to be allowed to modify the system with this new version and that the program will become like the Norton Internet Security and McAfee software that, by default, automatically allow new programs to install and access the network with no alerts being generated. Not good. I always use the program with Defense+ set to Clean PC mode, and I don’t want to change this.
I checked the system with CIS 5.0 (just Internet Security, without A/V, Maximum Proactive Defense). When I had installed Smart Defrag with the option Trust the applications digitally signed by Trusted Software Vendors enabled, no rules were created in the Defense+ Computer Security Policy (the option, Create rules for safe applications, was not enabled then, either). So, when I had disabled the option for trusting trusted vendors’ signed applications and tried again to install the Smart Defrag program, there was nothing in the Computer Security Policy stating that this installation should be allowed to proceed. However, since the option to create rules for applications deemed safe was not selected, I needed one more test to determine why CIS allowed the installation of this program with no alerts.
A few minutes ago, I ensured that there were no entries for Smart Defrag in the Computer Security Policy, and I enabled the option to create Defense+ rules for safe applications (and the option to trust software from trusted software vendors is disabled). I also made sure that none of the Smart Defrag files were in the My Own Safe Files list. I tried again to install the software. No alerts appeared, even though the installation uninstalls any existing versions of the program and makes startup changes so that the program runs on startup. As well, CIS did not create any rules in Defense+ for this program during this last installation. This doesn’t make sense to me. Is the program safe? If it is, where are the rules? Maybe since there now is no installation mode, Comodo decided not to fully protect the system as they were doing before, since they don’t have an installation mode users may switch to in order to minimize the alerts during an installation.
I don’t think that I have very good control of things now, with this new version. I should be able to look through the various configurations, such as files to monitor, registry keys to monitor, etc., and find the parameter that is allowing the installation of this program, but I can’t find it. Instead, I guess something intrinsic is allowing this request, and that, to me, is not appropriate for a security application such as this one. :-TD :-TD
Hmmmmm. I haven’t had occasion to install anything since installing this latest version and was not aware of your recent discovery, Mecarter. I find that disconcerting as well. I have Create Rules for Safe Applications “unchecked” but have left “Trust Applications Digitally Signed by Trusted Vendors” “checked”. Now I’m wondering, like you, if CIS is going to trust and create rules for waaaaay too many applications.
My apologies for taking so long to update this post. Thanks for your reply, buttoni. On the XP computer that I had installed the new, CIS 4.0 on, I removed CIS 4.0 and left the computer with just Avast! 5.0, Windows Defender, Windows Firewall, IE 8 (all Windows updates), Malicious Software Removal Tool, psexec shortcuts for Internet Explorer, “user-mode” permissions on targeted registry keys and start-up folders, etc. This user is one of the few I know who really doesn’t need much more than this. He had used the computer for more than a year since I last had worked with it (then was setup just with Avast! 4, Windows Defender, and Windows Firewall), and there wasn’t a bit (or byte) or malware found on it this time.
So, my “test” station is gone, and I haven’t installed CIS 4 on another system. I will probably test with it on my laptop soon. I think that, if I am going to continue to rely on CIS for my customers, that I will have to install this new version as it will be updated to that eventually, anyway (unless I turn off updates), but I prefer the previous version now. I thought that the Installation Mode was a great idea. If it was so bad, why was it created in the first place? You could easily switch to a less “intrusive” mode so that you could install software without so many alerts, and then you received a reminder to switch back. That was great. Now, you are just always in an Installation Mode, it seems, and you can’t switch back (unless maybe you activate a Paranoid or similar configuration).