As Igor P doesn’t sign these applications (either the 32 or 64 bit msi or exe forms), both the installer as well as the GUI app (7zFM) should result in a Containment alert. The only reason that it would not is if it was already installed in the past on the system.
ps Just installed 7zip 23.01 on a fresh CF beta 2 system and the applications were contained as expected.
I guess it needs to be said that digital signatures is not the only way to determine file rating, as CIS also relies on file hash lookup through fls, and in certain cases local whitelist AV signature, which can happen with or without having the anti-virus component installed.
About the 7zip “issue” (not really an issue)- I, as many here know, use CF only. For CF, when either the installer or the GUI app is run both will be contained.
However if CIS is used (adding the AV component) both will be recognized as valid even WITHOUT a digital signature as both have been previous vetted by Comodo within the AV database and thus allowed.
The CF component alone is without this database asit lacks the on-demnd AV component, so thus an unsigned application is automatically contained.
It has nothing to do with the AV as it was trusted by file lookup service(FLS) which is always checked regardless whether or not you have the AV installed. Only time it is not used is if you disable ‘enable cloud lookup’ option in the file rating settings.
Trying to figure out where this could be coming from, I did some additional analysis with Hitman Pro. Here is the result below:
But, there is no way of knowing if they are the same infections, since Comodo CIS does not give any details.
If there was an SH-1, or an MD5, I could have gone to virustotal.com to get some information.
So I find this missing a lot in the antivirus event log results.
I suspected you were going to answer that. For us beta testers, the software’s reactions can be unique. Everything is fine with you and not with me.
What matters is knowing what’s wrong with specific configurations.
Why is it blocking me and not others? Prorated to the number of beta testers, this should not be obvious. I guess there aren’t many beta testers, because we are always the same on this part of the forum.
I’m waiting for a Comodo employee to walk by and be a little curious as to why it’s like this on my PC.
It would be interesting to know if file and folder names of 256 characters (and longer if possible) can cause the analysis to fail.
Also having a Linux partition mounted as a Windows disk via Paragon Linux File System
I encounter the same problem whether Comodo CIS is alone or not.
Even better, if I stop and stop CIS, (CIS is completely shut down and is no longer present in the taskbar), the exclusions window remains open to spin in the void (then, I am asked to stop it and the system says that this will be transmitted to Microsoft. (which I hope). sends you the information afterwards)
Finally, to answer your question, I have always (since the beginning), (+10 years) run CIS with other security software, and this has never caused any problems for me.
For greater fluidity, I whitelist (exclusions) the files with each other.
To be more specific in my answer:
Permanently, second line: MalwareBytes
Third line RogueKiller.
On another Webroot Anywhere machine.
I have also been using the free version of Glasswire for a long time.
I also have a PC where all this works together without any problems, but under Windows 10 and with the official version of Comodo CIS.
It would be a real shame if this version of Comodo CIS no longer supports running with so-called “second line” software…
Likewise, I don’t know if it’s normal to have two recognizers of the same size in the same folder. Same version recognizer v12.2.1.8104.dll?
Another problem:
Comodo Antivirus notifies me of an infection called “COMODO DISABLE”.
Since this came at the same time as the update request requiring a reboot, I initially thought it might be legitimate.
But, in this case, why would Comodo CIS self-report as an infection?
Then, I wanted to analyze it with virustotal to find out what was going on, but as you can see, it created an error.
Do many user have such a lot of problems with this beta-version? Is the betaversion so immature?
I didn’t clear the log list. The firewall is in its own policy mode. The files blocked by firewall are only two, it shows the total number of these files blocked by firewall, but they come from trustworthy providers.