[Defense+]Trusted Files also marked Limited [Resolved]

I know this isn’t the right format but, I did do the entire thing in the right format then it gave me an error because I didn’t zip my config file and deleted an hour of making it the right format so excuse me:

The Problem/What I did: I had marked a couple of files as limited because at the time I was unsure then later I went in through the summary page of CIS and marked the files as Trusted. I later noticed that they were still being blocked so I tried again to mark them as Trusted but, it says they are already marked as trusted.

The solution: I went in though Computer Security Policy and found the app in question. It was marked as limited so I changed it to Trusted. I’ve yet to see that program listed again.

My Version of Comodo is the newest and I’ve noticed this at the very least in the past two versions. I’m running both Defense+ and Firewall in Safe Mode and have the sandbox enabled. I will also attach a zip of the config files.

My OS is Windows 7 Profession 32-bit, UAC disabled.

CIS (and possibly hopsurf, not sure if hopsurf is working or not) are the only full time/active protection security I have. Otherwise I run Malwarebytes and CCleaner regularly and occasionally run ClamWin and PT Lite.

My thoughts: When marking a file as safe (at the very least through the summary page) it doesn’t remove the limited mark and the limited mark takes priority.

In case you’re wondering (though I doubt it’s necessary information) the app in question was pinger.exe from Toshiba (I’m running a Toshiba Laptop) that’s part of Toshiba’s built in updater (though I never use the updater I still don’t want it to be blocked nor do I want anything more important to be blocked in this matter).

Don’t be afraid to ask if you need more info but, I think that should be all you really need to know.

Some additional thoughts [Off Topic]: The site seems to have some issues with error handling. I also ended up creating a new account just to post this because my old account apparently ceased to exist. Also, when sending the email I don’t think it should include the password for this site as that in and of itself is a bit of a security risk. I trust CIS quite a bit but, sending a password in the email is a major security risk (even though I download my emails the servers still get viruses that could allow someone to read my mail before or in some cases perhaps even after it’s deleted).

[attachment deleted by admin]

I realise that is is frustrating, but unfortunately we really must have a report in the right format if we are to forward your report to verified.

We would be very grateful therefore if you would try again. Please could you explain what you mean by ‘marked as limited’. Do you mean it has the ‘Limited application’ policy applied to it under D+ rules?

To avoid the issue you described (which I have recently raised in the mods frums myself) you could consider using Lazarus form recovery add-on (just google it), which is available for Chrome, Firefox and some Mozilla variants.

That’s what I use!

Best wishes

Mouse

We would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.

Best wishes and many thanks in anticipation

Mouse

Just to note that the standard format does ask you to zip all non-screenshot files.

Sorry however for the inconvenience.

Best wishes

Mouse

I think this is not a bug but working as expected. Users need to be able to make rules or restrictions for trusted applications. The list of trusted applications is not the same a making an application trusted in computer security policy. Computer security policy has to take precedence.

I agree presuming my guess is right about what he means. Lets see if he responds.

Mouse

For the most part I would agree that it’s working as expected it’s just that when I marked the file as Trusted I also expected it to be changed in the security policy. Otherwise there’s really no point in marking the file as trusted. As I said in my previous post I think when you mark a file as trusted it should also change the security policy to trusted or at least alert the user to the fact that it’s no automatically changed. I would’ve presumed when using CIS that if an app was blocked and I marked it as trusted then it would be completely or at least mostly unblocked. The fact that it still said it was blocking the program perplexed me for quite a while before realizing it was still marked as limited in the security policy.

I hope what I’m saying makes sense I’m trying to phrase it as best I can.

The reason is that CIS always fails safe. So a restrictive rule over-rides a permissive rule.

Think we are all agreed that his is not a bug, so moving to resolved

Best wishes

Mouse