I still wonder what disables my D+

I have written this before and still don’t know how to solve this. I have CIS 5.8, Unknown progs should be treated as restricted and sandbox is on.
But still CIS allows unknown programs and even malware run unrestricted and not sandboxed. In paranoid mode I get a lot of notifications but sandboxing seems not to work.
I checked the runnig process list and thre was an unknown program running with sandbox setting “disabled”. 0 programs are also restricted.

Because I don’t get any error messages or warnings about D’ not working I think that it is not a safe utility because you can’t tell if some applications are safe or D+ is just broken…

With 5.5 I didn’t have this problem and it seems to be same with or without the 64-bit enhancement option (running Win7 64-bit).

Defense+ Paranoid setting overrides auto sandbox.
Lower it to Safe Mode.

It is is the safe mode and it does not work. I just tested the paranoid mode to see what happens then.

Maybe I found the reason. After unticking the sandbox option to automatically detect installers/updaters sandboxing seems to work with unknown applications.
I must study this further.

there are similar bug reports in the bug report section. please! file a report so that one of the Comodo devs can track this issue down.
(i have the same problem 1 or 2 days after installing on win7 x 64)

I had similar problem in my win7x64 notebook.
The problem is intermittent. Sometimes it works and sometimes it doesn’t work. So you don’t know if D+ is functioning or not and need regular checking with CLT to verify if it is working.

Now after unticling the installers/updaters option D? has worked fine. And I have not any settings amnesia either.

same here… it seems win7 x64 + comodo has some issues

It seems that this is not a standalone problem.

I’ve tried Jaskaolen’s trick by unticking the sandbox option to automatically detect installers/updaters. So far so good.

The post should not be moved to the help section. It is not someone asking for help about D+. The post is feedback about issues in D+.

Looks like a help topic to me.

You don’t feel he wants any input on how to solve an issue he has not been able to? ???

If the OP feels there is a bug involved, he could make a bug report.

OK, so what help can be offered here to solve the problem?

Please try re-enabling the installers setting and disabling enhanced protection mode and rebooting. Then try running the unrecognised file that’s being treated as trusted.

If this does not work please try re–installing using the normal installer then the forced uninstallation tool. Then follow the guidance in my hassle-free installation FAQ. Do not import any configuration. THen try running the same files. (All the relevant info is in the installation help forum stickies).

(You may wish to back up your settings first, just don’t re-install them before testing).

Though I agree it’s a help issue ATM, if these things fail, and nothing else becomes evident, then it’s worth reporting a bug, if only because that process, if the format is used, will lead to most relevant information being collected.

BTW if it’s a file that loads early in the boot process it’s a known issue, though one that I thought had pretty much gone.

Best wishes


OH now I think I know what is happening maybe. I think your files are being run by a file that is running as an installer/updater?

If you post your active programs list (the whole of it) with the file concerned running and the automatically detect setting on (maybe reboot after changing setting to on) we will know.

Best wishes


With detect installer on, unknown files (e.g. CLT.exe) are running as an installer without alert.

Is it a know issue?

Please post your active process list (all of it), when I file is running incorrectly. Unfortunately we really cannot know what sort of issue this is - bug or maybe because something in the calling sequence is running as an installer, unless you do.


In my tests during extracting with 7zip 9.22 beta, files are SOMETIMES added to trusted list without any questions. Last night from 110 malware about 20 were removed by av and rest suddenly added to trusted.
Online lookup tells those are malware and unrecognized files

Win7 x64 enhanced mode on and mbam pro.

The active process list is shown in the attached pictures.

I’ve also tried the following scenarios with CLT, (Autosandbox level: Untrusted)
[tr][td][/td][td]Detect Installer [/td][td]Autosandbox [/td][td]CLT Score[/td][/tr]
[tr][td]1.[/td][td] Enable[/td][td]Enable[/td][td]200[/td][/tr]
[tr][td]2.[/td][td] Disable[/td][td]Enable[/td][td]340[/td][/tr]
[tr][td]3.[/td][td] Disable[/td][td]Disable[/td][td]200[/td][/tr]
[tr][td]4.[/td][td] Enable[/td][td]Disable[/td][td]200[/td][/tr]

Not a single alert was noted in scenario 2.
The other 3 scenarios only got firewall alerts.

[attachment deleted by admin]

Not sure what you think is running with wrong privs in the APL

Re CLT, you must not test it allowing the unlimited access alert. If you do CIS will run everything CLT runs as trusted, that’s what it is supposed to do.

Indeed you have to be very careful how you use CLT to test CIS 5. FAQ here.

Hope this helps


You ask me post my APL for you to check in previous reply. I don’t known what’s wrong with the APL.

I doesn’t not allow the unlimited access alert. As I said, there are not a single D+ alert.