Windows taskbar issue after running virtual desktop still occurs. Also when running the program updater after updating to this build to get the recognizercryptolocker, recognizer v 184.108.40.20608 is downloaded and installed. This was when I updated from previous beta to this using the program updater, which after reboot 220.127.116.1108 recognizer was installed, but the was replaced when I checked for updates again after rebooting.
Everything is running smoothly so far with this very short test run on Win 10 x64 1803 with the latest update installed.
Even though I had my system up and running for a week without issues with the previous version as stated here, I ended up facing the system freezes eventually myself as well, so I was very much looking forward to a bugfix release.
I can also see the issue with the recognizer version as stated in the previous comment.
In addition to this, I have given another test run for sandboxing applications that may consume large amount of memory (such as browsers in certain scenarios), and the result is still the same: the application is crashing when it reaches around 1200MB of memory usage threshold.
There are no restrictions applied with regards to the allowed amount of memory consumption for the sandboxed application, so my assumption from earlier was that sandboxing works with 32 bit resource allocation restrictions.
I believe this should follow the default system behaviour of allowing normal resource consumption (as the program would without sandboxing), unless limited by the user of course.
Would you please be so kind and take this up with the Developers whether it is to be expected to have changes in regard by the time the first official version is released?
Also when running the program updater after updating to this build to get the recognizercryptolocker, recognizer v 18.104.22.16808 is downloaded and installed. This was when I updated from previous beta to this using the program updater, which after reboot 22.214.171.12408 recognizer was installed, but the was replaced when I checked for updates again after rebooting.
Clean install on a Win7x64 system - much faster to start up
The HIPS Memory Access is now fixed, as is the Connection Counter
Confirm that the Recognizer issue reverting back to 6708 is present . . . . and the problem with being unable to remove any Vendors is still present
Comodo is interested in the hanging phenomenon. THey may contact you and will ask to create a full memory dump when the system hangs again. The following article describes how to let the computer crash on purpose so it will produce a memory dump file: Enable Crash on Ctrl+Scroll Lock in Windows 10 .
When the computer hangs again push the right control button and hold it and push the Scroll Lock button twice. The system will then create a BSOD an dump file.
Since version 12, it is not possible to remove the vendors built into Trusted Vendors, which is very unfriendly for some environments that require strict control.For example, install some Chinese software.
I had an error when I had an update notification from the previous installation - the update failed at the end, but the version was still changed.
Based on your comment I cannot tell if you are facing the same or something similar.
Just to be sure, I ended up removing the current CIS installation with the CIS Cleanup Tool v126.96.36.199, rerunning it after each restart until it did not request any further restarts, and used the latest offline installer afterwards without any issues.
I now have the recogniser with build number v188.8.131.5208. See attached image. Comodo must have updated the beta server.
The beta server does not deliver the AV database so you need use the regular server alongside or instead.
- Defect where extra activity "Memory Access" is registered in the HIPS logs on every app or library loading + OS freezes
At staff. What is meant with OS freezes? Are those the freezes reported where the system starts to gradually freeze? Is it related to the registered Memory Access in the HIPS logs? What was the cause of those freezes?
I started getting alerts by HIPS for System is trying to create a new file or directory, but if I click on Show Activities, it says Cannot find process by this PID.
The event log actually shows what has happened.
Please see the attachments.
It would be really helpful if the action-to-be-approved would be actually reviewable without giving to much access to breaking any kind of functionality.
I am using Proactive Security configuration, and for HIPS I have selected Create rules for safe applications as I always do, but I do not recall seeing any of such alerts with earlier versions, including the previous Beta.
First the alert does show you what action is about to be preformed but you need to click the down arrow to expand the alert to see the full alert details. Secondly you shouldn’t use create rules for safe applications, as it will cause issues such as what you have seen because the default rules will be erased when you reboot or shutdown the system while new rules are being added. Also it does not provide any benefit to create rules for safe applications as safe mode will allow the actions anyways.
I assume you mean the arrow in the red bar…
Sorry, it did not occur to me that it is clickable, I thought it is part of the design.
I was sure the “Show Related Activity” would get me what I was expecting, or “Modify File” could do the same if it were like “System” as per the screenshot.
Sorry for the confusion in that case then, I will be paying more attention in the future.
As for the rule for safe applications, I assumed it is selectable because it would make a difference.
I have experienced 4 system-wide freezes within the first ~12 hours altogether, which happened after a clean installation (and no Secure Shopping involved at all).
I have set up the configuration for manually triggering a BSOD in which case I can provide the dump to the Developers directly, but so far nothing has happened, even though I am performing the same exact activities like before.
I have noticed a couple of HIPS alerts (as per my screenshots from earlier), which I have not seen earlier, I wonder if they have anything to do with the issue, i.e. without approving them the issue would persist.
Another thing that crossed my mind was that initially we had seen downgrade for the recognizer version initially for this release.
Do you think there could be any correlation?
This was on the very first they when I was facing the issues.
Apologies if they are not relevant at all, just trying to be helpful.
Either way, I will leave a message here as soon as I have any solid information.