Brillant, thanks Umesh for your help!
After uninstall yesterday; installed everything Comodo separately in non-default paths and folders. After normal reboots, everything is working flawlessly; linkage with Dragon, CSS etc. all perfect
Great work :-TU
I had been running the last version of Comodo 8 on my Win7 64 H.P. Desktop for a long time. I uninstalled it last night, used the cleaner tool too, and installed Comodo 11.
The only real āproblemā was during installation when I got a pop up asking for the location of inspect.sys.
I had set a slightly different path for the Comodo install folder. So maybe thatās why the installer got confused? (It offered me a location on an x: drive - perhaps a temporary ram drive for installation?)
I pointed it to my Comodo\drivers\win7 folder and that worked.
So far so good. I kept version 8 for a long time because I like to copy and paste from my Virtualized Browser to the Windows Clipboard. v10 (and v11) donāt allow that.
I saw in the forum that it might be an option someday in CIS. I donāt do online banking, so Iām not too concerned about copy and paste compromising the sandbox. Is there a trick/workaround that I can allow virtual access to the Windows Clipboard? (Or an alternative clipboard?)
Hi,
done clean install yesterday, working fine. comodo cleaning essential(11.0) unable to install yesterday, today it installed successfully.
OS: win10 1703 x64.
Option to disable clipboard protection is coming by Jul-2018 end release.
Someone questioned the updated list item below in China, and pointed out a serious bug.
A public bug 2355 was raised by moderators, where HIPS does not alert for actions when previously trusted rated application is changed to unrecognized.
Because he could produce this issue by following steps.
Steps:
- Disable Containment, enable HIPS.
- Run an unknown exe file(file A, he has a file named filetest.exe in his test). It was blocked by HIPS when trying to write a file into protected directory.
- Change this file to ātrustedā in advanced setting manually, the OK to close.
- Delete this file in windows explorer.
- Copy another exe file(file B) into this folder and rename it to has the same file name as the deleted one. So the new exe file has a same file name with the original deleted one.
- Run this new renamed file.
- Check the file detail, you may see that the new file has a same sha1 with the original one.
Itās terrible if the new file is malicious, but COMODO treats the renamed file has all the same privileges as the original one. In another words, it can do the same operation just as the original one.
From description it seems many manual operations with disabled Sandbox.
Question:
Was it ever working?
In daily use, is there a possibility that users will face such mentioned risks above? Such as just enable paranoid mode of HIPS and disable Sandbox.
Has this bug been fixed or will it ever been fixed?
https://forums.comodo.com/format-verified-issue-reports-cis/resizing-a-column-resizes-all-columns-m2174-t117842.30.html
Please try to achieve same via some unknown application rather manually replacing file as manual operations are done more in context of Windows safe apps.
This is a user bypass.
I think the HIPS is still path based like in the old days and not hash based so users are allowed to do smart and not so smart things. You are mentioning Paranoid Mode and HIPS only. They are not default settings and require users to be knowledgeable. CIS has always been the nanny of program behavior and not the nanny of user behavior. For which I am very happy.
If you want to work hash based keep the auto containment switched on. Most of the users donāt want to tinker with a security program. They are in safe hands with hash based auto containment.
Couldnāt replicate, I even tried deleting an already trusted file and moving a different application of the same name to the previous deleted file location, once I tried executing, HIPS warned of the new application.
Check their sha-1 in comodo file details to confirm whether they are same or not.
I will tell him to test just like your requirement.
Personally, another question, can you confirm that comodo recognizes both files have a same sha-1 in this kind manual operation?
The question is rather whether the HIPS uses hash check or not. I am not 100% but donāt think it does.
Start with the phenomenon first, then deeper. ;D
So, it might be that HIPS has always been this way. But since CIS v11 is out, Iāll make an official pseudo-issue report:
When I open a complicated program for the first time after installing CIS, like Dragon NaturallySpeaking, I sometimes have to open the program twice before all the āIntrusionsā/Rules can be set.
I should make a video to show this. But, for example, when I started Dragon, I got a few HIPS popups and I Allowed them all. But Dragon never opened, even after the pop ups stopped. I checked TaskManager and it said that Dragon was running. But I had to open Dragon a second time. Then I got a different set up pop ups. After I allowed all of those, then Dragon ran normally.
I dunno. Maybe this HIPS stuff is very complicated with processes spawning other processes that donāt start right if the user doesnāt acknowledge a pop up fast enough. Or maybe thereās a buffer size for HIPS queries thatās not large enough? Or maybe processes collide and lock themselves out? (WAGās, all.)
Anyway, thought I would report it. Iām a seasoned Comodo user (10 years +) so it didnāt faze me too much. But I can see first timers getting confused and blaming the product.
I can confirm this. But no reaseon not to use comodo. I installed cis11 several times and over and over I went back to cis 10 which runs without issues as far as Iām concerned.
What you wrote is the reason, too, why I didnāt tell of the problems because I werenāt able to discribe them exactly as requested in the form.
Iāll wait for the update later next week which is not an offline installer (donāt know how to say it in English - itās the automatic installing).
Can version 10 furthermore be used as a software which protects me or is it then a vulnerable version if I want to stay at version 10?
Hi pmikep,
If you think itās a regression, we will appreciate if you could please file a fully qualified bug report as suggested here.
We will need all details like OS, steps, CIS configuration.
Thanks
-umesh