"Clean PC" + External HDD = "Safe application" [NBZ]

Comodo Internet Security - CIS Resolved/Outdated Issues - CIS
#1

The bug/issue

  1. What you did: Launched application from external HDD
  2. What actually happened or you actually saw:Application was launched and begun to work without any alert
  3. What you expected to happen or see:Alert about “new” application
  4. How you tried to fix it & what happened: Only fix is set D+ to SafeMode or higher
  5. If its an application compatibility problem have you tried the application fixes here?:
  6. Details & exact version of any application (execpt CIS) involved with download link:
  7. Whether you can make the problem happen again, and if so exact steps to make it happen:Reconnect external drive and start any application. Same issue
  8. Any other information (eg your guess regarding the cause, with reasons):I have external IDE drive, connected via USB. Name of “box” is Age Agestar, or something like this. Main problem - IT IS LOOKS LIKE LOCAL DRIVE in explorer. Not like removable media. So “Clean PC” think it is “local drive” and assumes all on this drive is “safe”

Files appended. (Please zip unless screenshots).

  1. Screenshots illustrating the bug:
  2. Screenshots of related CIS event logs and the Defense+ Active Processes List:
  3. A CIS config report or file.
  4. Crash or freeze dump file:

Your set-up

  1. CIS version, AV database version & configuration used: CIS 5.3.181415.1237, AV 7993, Internet Seciurity. Clean Install on Clean OS
  2. a) Have you updated (without uninstall) from CIS 3 or 4:NO
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:
  3. a) Have you imported a config from a previous version of CIS: NO
    b) if so, have U tried a standard config (without losing settings - if not please do)?:
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.):NO
  5. Defense+, Sandbox, Firewall & AV security levels: D+=CleanPC , Sandbox=Disabled , Firewall =Safe , AV =
    1. OS version, service pack, number of bits, UAC setting, & account type: Windows 7, SP1 (w/o SP1 also), x64, Home Premium, UAC Enabled, Administrator
    1. a WinXP Prof SP2 (SP3) x32, Administrator also
  1. Other security and utility software installed:NO
  2. Virtual machine used (Please do NOT use Virtual box):NO
    -------------------------------------------------------[/list]
#2

I think it is more MS error than a Comodo error. Comodo is not the only one having problems with this MS quirk.

For instance have you ever tried (via device properties-policies) setting an external hard drive to be configured for “quick removal” instead of “performance”. I have not been able to do so. Resulting in at least two cases of errors on external hard drives. Thank you MS.

With Regards,
Eric-Jan,
The Netherlands

#3

Anyway, I think it is a huge security hole
If we connect this BUG with this Behaviour … We can let untrusted Application to go to Internet via existed Rules. Without any warning.

#4

Could you please post the missing information in your first post.

  1. OS version, service pack, number of bits, UAC setting, & account type: Windows 7 x64 Home Premium SP1, UAC Enabled Adminstrator or Limited

Thank you

Dennis

#5

Updated.

#6

Thank you for your bug report in the required format.

Moved to verified.

Thank you

Dennis