just found a bug of comodo cis

according to my setting at file rating settings of comodo cis,i had the option “trust files installed by trusted installers” ticked.i downloaded a file(it’s the installer of a software) from the internet,and added the file(the installer) to the trusted files list at “manage file rating” of cis.then i ran the file(the installer) on my computer and installed the software.after i finished the installation,i ran the software and pressed the"main menu button" of its gui. then i pressed “update online”,and a firewall alert poped up showed that lingoes64.exe was trying to connect to the internet.but lingoes64.exe was a file installed by a trusted installer,why comodo cis still generated firewall alert about it?

[attachment deleted by admin]

and here is the link of the file(the installer): http://www.lingoes.cn/download/lingoes_2.9.1_x64_cn.exe

u can download the file and try it yourself.

was it a connection in to your computer or from your computer?

Trusted files are excluded from monitoring by HIPS, not from FW.

That is not completely correct. Trusted files usually will give no firewall alerts at all.

Then it must depend on alert frequency.

You will get firewall alerts for trusted files if it’s set to Custom Ruleset.

Of course, but not in safe mode.

Can you post a screenshot of the Firewall logs so we can see what the alert was about?

well,u can download the software to install it on your computer and try it yourself.

i am pretty sure it’s really a bug.

Indeed however I’ve seen a certain reluctancy on this forum for such means of checking for bugs, I’ve tried in several bug reports to ask them if they get the same issues (not related to this issue), I never get any response on that part :wink: