I have written this before and still don’t know how to solve this. I have CIS 5.8, Unknown progs should be treated as restricted and sandbox is on.
But still CIS allows unknown programs and even malware run unrestricted and not sandboxed. In paranoid mode I get a lot of notifications but sandboxing seems not to work.
I checked the runnig process list and thre was an unknown program running with sandbox setting “disabled”. 0 programs are also restricted.
Because I don’t get any error messages or warnings about D’ not working I think that it is not a safe utility because you can’t tell if some applications are safe or D+ is just broken…
With 5.5 I didn’t have this problem and it seems to be same with or without the 64-bit enhancement option (running Win7 64-bit).
Maybe I found the reason. After unticking the sandbox option to automatically detect installers/updaters sandboxing seems to work with unknown applications.
I must study this further.
there are similar bug reports in the bug report section. please! file a report so that one of the Comodo devs can track this issue down.
(i have the same problem 1 or 2 days after installing on win7 x 64)
I had similar problem in my win7x64 notebook.
The problem is intermittent. Sometimes it works and sometimes it doesn’t work. So you don’t know if D+ is functioning or not and need regular checking with CLT to verify if it is working.
Please try re-enabling the installers setting and disabling enhanced protection mode and rebooting. Then try running the unrecognised file that’s being treated as trusted.
If this does not work please try re–installing using the normal installer then the forced uninstallation tool. Then follow the guidance in my hassle-free installation FAQ. Do not import any configuration. THen try running the same files. (All the relevant info is in the installation help forum stickies).
(You may wish to back up your settings first, just don’t re-install them before testing).
Though I agree it’s a help issue ATM, if these things fail, and nothing else becomes evident, then it’s worth reporting a bug, if only because that process, if the format is used, will lead to most relevant information being collected.
BTW if it’s a file that loads early in the boot process it’s a known issue, though one that I thought had pretty much gone.
OH now I think I know what is happening maybe. I think your files are being run by a file that is running as an installer/updater?
If you post your active programs list (the whole of it) with the file concerned running and the automatically detect setting on (maybe reboot after changing setting to on) we will know.
Please post your active process list (all of it), when I file is running incorrectly. Unfortunately we really cannot know what sort of issue this is - bug or maybe because something in the calling sequence is running as an installer, unless you do.
In my tests during extracting with 7zip 9.22 beta, files are SOMETIMES added to trusted list without any questions. Last night from 110 malware about 20 were removed by av and rest suddenly added to trusted.
Online lookup tells those are malware and unrecognized files
Not sure what you think is running with wrong privs in the APL
Re CLT, you must not test it allowing the unlimited access alert. If you do CIS will run everything CLT runs as trusted, that’s what it is supposed to do.
Indeed you have to be very careful how you use CLT to test CIS 5. FAQ here.