I have comodo set up as, defense+ safe, firewall, custom policy.
Under Exection control settings I have “Treat unrecognized files as” set to Blocked (Basically I don’t want anything to run unless I have already set it as trusted / in my policy to run limited.
For most programs this works absolutely great, if anything tries to run that i’ve not used before, it just stopped and I get a message saying windows cannot access the device etc.
When this occurs, I go to my pending list, set the file as trusted (if it’s one I was trying to run ofc!) and next time I run it, everything works fine.
HOWEVER,
Some programs, especially ntvdm.exe seem to never be allowed to run, every time I go to the unrecognized list and move it to the trusted list… next time I run a program that uses it (old DOS games) the game stops and I get ntvdm.exe in my pending list again.
I’ve tried manually adding it to my trusted files, i’ve also tried setting up an entry in the computer security policy area (setting it as trusted), i’ve also even modified explorer.exe to specifically allow it to run ntvdm.exe.
I’ve also tried setting execution control to untrusted, this then asks if I want to allow it to run, I click yes and remember. At this point it should no longer be considered unrecognized yeah? However if I then set control back to blocked, it starts blocking it again.
Nothing seems to work and none of this makes any sense imo, any ideas!
I am also having a similar problem with nero.exe (cd burning).
Even if I set it to treat unrecognised as untrusted instead of blocked.
Every time I run nero it puts it in a sandbox, no matter if it’s in my trusted list or security policy (I even clicked don’t isolate this again, when the sandbox message poped up).
Really don’t understand why comodo fails to remember what i’ve selected and seems to have a very random idea of determining an unrecognised program (trusted surely means it should be recognised every time?).
Can you make sure the file is not also in Unrecognised Files at the same time. If so, please remove it from there.
Also read Mouse1’s Introduction to the v5 Sandbox (see my signature) and How can I prevent software being sandboxed? and see if that brings any help.
Ok here’s the problem.
- I clear all references to nero.exe from my trusted/unknown and policy.
- I run nero.exe, I get a prompt about it being unrecongised (as I would expect).
- I go into my Unrecognised Files list, I tick the line that shows up for nero.exe and select move to trusted (it then disappears from the Unrecognised Files list, it now shows in my Trusted list (just as I would expect)
- I run nero.exe again, it should just run as a trusted app, however I get the Unrecognised prompt again, it re-adds it to my Unrecognised Files list, even though it is still present in my trusted list…
I’m reading through the post you’ve linked, but the above should indicate that it shouldn’t be a user configuration error (especially since the same process has worked for every other file i’ve done it with, except for ntvdm.exe (so far) as mentioned in my first post).