Comodo repeatedly isolating trusted program

Avast labeled a program that I have been using for years as a false positive and kept me from redownloading it. I had to pause Avast to download it, add an exception, submit it to their virus lab, and delete it from their virus chest before re-enabling Avast. When I tried to open the program, I got a box that said “Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access them” and then Comodo’s Internet Security Alert popped up and said that the program was sandboxed as partially limited. I hit “Don’t Isolate Again” and tried to open it but got the same two warnings. I went to Defense+ and added the file to the trusted files section, but it will not stay there (I tried adding it through “Trusted Files” as well as right-clicking on the file in “Defense Events”). Then Avast moved it back to the chest and listed the process as being Comodo’s cmdagent.exe.

I’ve had Comodo for years and I’ve had Avast for about six months after I got tired of AVG’s slowing down my computer and have had no problem accessing the program several times a month.

[attachment deleted by admin]

What are your settings in Avast?

Not sure if this helps but there’s a topic about a possible conflict between Avast and CIS that may be of interest.

Which settings do you mean?

From the thread, for which I posted a link, the main area of conflict with cmdagent.exe, has been the scanner setting ‘Test Whole Files’ Is this what you’re seeing, or is it something else?

With regard to the file you’ve had problems with, is it possible to provide more detail?

Test whole files is unchecked and always has been.

The application I use is a 10K program called DVD Bit Rate Viewer (DVD Bit Rate Viewer 1.4 Free Download - VideoHelp). I get advance copies of discs to review at a couple sites and one site requires a bitrate graph for the main feature on the disc. With DVD Bit Rate Viewer, I open it and it scans the disc in the drive and generates a graph of the bitrate and gives the average bitrate. I size the graph the way I want it and hit control+print screen and past the window into an image editing program. I then crop away everything else and save it for uploading. I have used this program for at least three years without any issues. I have had Comodo for two or three years (and Avast for the last six months after I got tired of every new version of AVG slowing my computer down) and have not had any issues until yesterday.

I’ll also add that one of the Avast forum members submitted the file to VirusTotal for me and Avast was the only one that thought this ten year old program was suspicious.

Curious. I am familiar with the program, as I’ve used it numerous times in the past and I’ve never had any issues with it, in fact it produces a only a singe alert, even in paranoid mode. (image)

As a test I just put CIS and Avast on a PC and unfortunately, as soon as Avast had updated it’s definitions, it stopped the application from running and placed it in the chest. I didn’t, however, receive any alerts from Avast for cmdagent.exe.

[attachment deleted by admin]

Try downloading it again (you may have to pause Avast) and then adding the exclusion in Avast before re-enabling Avast’s shields. At that point, I think is when Comodo will start acting up.

I’m not sure what to do. I do need the program.

Removed and reinstalled Avast, added the exclusion for DVD Bit Rate Viewer before running the application, Avast still sees it as a problem, but nothing for cmdagent. Unfortunately, I think this is an Avast problem, as they are the only AV suggesting the file has an issue.

If you want to provide details of your exact settings for CIS and Avast, I’ll go through it again…

[attachment deleted by admin]

Well, on the Avast exclusions, mine is not wildcarded. It is the full file path.

On Comodo, it is still flagged as partially limited. It does not stay in the trusted files section, and when I right click it in the defense events and tell it to add to trusted files, it says it is already there. And Avast just moved it again.

[attachment deleted by admin]

If I add the explicit path in ‘Expert Settings’ under the File System Shield, the application just runs, no alerts from CIS or Avast. I Have CIS in Paranoid mode with Unrecognised files set to partially limited. However, CIS recognises bitrate14.exe as a safe application, which means it doesn’t need to be added to Trusted files.

Perhaps someone else can test this…

[attachment deleted by admin]

I did that and got this: (see image attachment)

I think you’re right. It is an avast problem. I think the Comodo ones came up when I was trying to add it to the trusted section. This latest one has explorer and that was after I clicked on the icon (after I added it to the File System Shield expert settings, the thumbnail picture actually showed up on the icon in the folder).

[attachment deleted by admin]

For what it’s worth, I’ve reported the file to Avast as a false positive.

Thanks for your help. I’ll let you know if I find out anything else (the Avast thread I started is here).

I was advised to set my Avast file shield to ask about PUP and Suspicious files rather than automatically moving them to the virus chest. It seems to be working fine now. Thanks again.