Hey Ewen,
Are you initiating manual scan from “Do it now” link? Because i could not reperoduce it otherwise. Do it now is special in the sense that it overrides manual scan update settings and always updates.
Hey Egemen,
Exactly - and in that context in makes perfect sense to do an update to ensure it’s starting “life” from a known base.
Cheers,
Ewen 
P.S. Ready for a long day posting responses? 
If I restore the file and its name, CIS scans it online and finds it safe. Why doesn’t CIS recognize the file? Its digital signature is OK. :-\
If I delete the file again, it’s sandboxed again…
Can you please compress the file and send to me? Let me see if everything is ok with the file.
When I restored ComodoSE.exe, direct keyboard access was logged for ClientSettingsWizard.exe and configure.exe
2010-02-17 22:08:53 C:\Program\COMODO\SecureEmail\configure.exe Direkt tangentbordsåtkomst
2010-02-17 22:08:53 C:\Program\COMODO\SecureEmail\ComodoSE.exe Körd i sandlåda som Reguljärt
2010-02-17 22:08:53 C:\Program\COMODO\SecureEmail\ClientSettingsWizard.exe Direkt tangentbordsåtkomst
I attach all three files. Thanks.
[attachment deleted by admin]
Ok all the fiels are recognized by CIS as safe as expected. Can you please try to add these files to My Own Safe Files and see if CIS allows you to add?
Can not add them to My Own Safe Files, or My Pending Files. And if I try to add one of the files to My Trusted Software Vendors, CIS says Comodo CA Limited is already in the list.
ok this means they are trusted already. What is your email client? This can happen only if an unrecognized application is trying to execute a trusted application. In this case, no matter it is trusted or not, it will be sandboxed. Does CIS recognize your email cleint as safe?
I use Thunderbird 3.0.1. It’s recognized. I have also added Mozilla Messaging Inc. to My Trusted Software Vendors.
gui bug
[attachment deleted by admin]
A GUI glitch… Not to critical… (Image in attach)
Also, when I installed CIS v4 RC, my Comodo Dragon Bookmarks and Passwords disappeared ??? . Just like if Comodo Dragon was submitted to a new install.
I’m using Win7 x64 with no other security programs
[attachment deleted by admin]
I think the alert displayed below should have a “Run Sandboxed” option. I ran the exe with elevated privileges thinking it was automatically sandboxed but it wasn’t. The score was very low (40/340). What do you think ?
[attachment deleted by admin]
OS: Windows XP SP3 32bit updated to the latest post-sp3 Service packs
CIS Version: 4.0.132838.716
D+ configuration: Comodo Proactive Security Defaults
D+ mode: Safe mode
Description:
Safalisted applications will be automatically sandboxed when launched by a sandboxed/unrecognized app. In the latest V4 version such event (Sandboxed as regular) is not logged anymore.
Steps to reproduce
Run a batch file to launch notepad. There won’t be a D+ log entry that mention “C:\Windows\System32\notepad.exe Sandboxed As Regular” anymore.
[code=test.bat]
start notepad
Did you reboot after install, i only recognize this from starting the CFP GUI after install but before reboot !?
yes
Please ask your language translator to fix the control positions, and the letters and remove the full CAPS that should make it fit.
Translators can be found here:
https://forums.comodo.com/beta-corner-cisv4/comodo-cis-40x-localizations-t51090.0.html
Did you just switch languages perhaps?
no, language is by default us english
OS: Windows XP SP3 32bit updated to the latest post-sp3 Service packs
CIS Version: 4.0.132838.716
D+ configuration: Comodo Proactive Security Defaults
D+ mode: Safe mode
Account type: Administrator
General information:
Safalisted applications will be automatically sandboxed (Previously logged as “Sandboxed as Regular”) when launched by a sandboxed/unrecognized app.
When run in the sandbox Safelisted application action should be restricted.
Description:
On each 1st attempt (see notes) soon after a reboot/logon it is possible to overwrite (0-byte empty file) %windir%\notepad.exe using an automatically sandboxed %windir%\system32\notepad.exe (lauched using a batch file)
On Xp Windows File Protection automatically restore the 0-byte %windir%\notepad.exe with a notepad.exe backup after few seconds.
It is possible to confirm that the overwrite was successful because notepad.exe icon disappear until the 0-byte file in %windir% folder is replaced by an uncorrupted notepad.exe
To launch %windir%\system32\notepad.exe in the sandbox the following batch was used
[code=test.bat]start notepad
PS: On XP there are two different copies of notepad.exe placed in different folders.
[b]NOTES:[/b]
The issue itself looks erratic but I was able to reproduce it multiple times by rebooting after a failed attempt.
During the same session,the 1st attempt is successful BUT on [u]2nd attempt[/u] overwriting will be denied due to limited permission (picture attached)
https://forums.comodo.com/index.php?action=dlattach;topic=51702.0;attach=45115
[attachment deleted by admin]Some “old” images on the help file…
[attachment deleted by admin]
[attachment deleted by admin]