(Partly Solved) How can I recover acessibility to an app that COMODO blocked?

Good afternoon!

Attached to this post goes some print-screens I took from a false positive that happened to me.

Translation from PT-BR:

Attention!
A threat to your computer has been detected!

Don’t panic. We protected your computer from this intrusion.

Although a security failure scan and cleaning are recommendable.
Do you wish a GeekBuddy to verify and clean your computer? Learn more.

(Option in orange) Yes, I want a tech to clean my PC
(Option in grey) No, I’ll do this cleaning.

To speak with a GeekBuddy, call +1-888-351-7933

(At the other attachment)

Cloud detection alert
.UnclassifiedMalware[at]1

Directory: C:\Program Files\Atar…\TestDrive2.exe
More info: unavailable

(Green option) Clean (recommended) Isolate the file in quarantine
(Yellow option) Ignore - Ignore the alert and allow the file operation

Show activities

Here’s the situation:
I am concerned of what I am doing, and I am sure that this does not represents danger for my computer or anything else. Even though I select the yellow option and choose the False Positive behavior for COMODO Firewall, it does not seem to work as a permit so my game can start.

I already tried everything that relates to deactivation of protection software: Re-installed COMODO and disabled my antivirus program; Set the app into the “trusted” group of comodo just like other things inside the Firewall that theoretically would allow applications to run or be ignored by the firewall. No success at all.
I just can’t launch it again.

This is not the first time that this happens, and I really want to know the workaround, rather than re-install the game, which would take some large unnecessary time.
In previous occasions, this occurred to some other software of mine too, but killing the firewall from tray or uninstalling would let me launch the app again. It feels like it imposed a lock for good, and I really don’t know how to clear that up.

Thanks for the help guys!

I believe that I’m not the first one to have this kind of problem, however I did not found any thread that could help me finding a definitive solution to it.

[attachment deleted by admin]

Comodo firewall currently does not have an exclusions list so to get your game working add TestDrive2.exe to the trusted files list. To do this go to

1. tasks → advanced tasks → advanced settings
2. Security settings → File Rating → Trusted Files
3. Now add TestDrive2.exe

This will keep comodo firewall from detecting your file as malware.

Now you should submit the file as a false positive. To do this go to https://www.virustotal.com/ and upload the file. Once the analysis is done copy the URL and create a new topic here with a subject of False Positive. Comodo staff will check the file and remove the detection.

[attachment deleted by admin]

Ok, I will do the false-positive reporting.

I tried the trusted files option on it, but I still can’t launch it. As I said, not even uninstalling COMODO will do the trick.

Any other thoughts? I am pretty sure that this issue is relationed to COMODO software, by the way, instead of my antivirus, for instance.

What is it telling you when you try and run the file? any errors?

The very first frames shows up (black windowed screen) and then it closes. More specifically, the process launches and it is closed right after without late notice. It feels to me that it is just like something that is closing the process whenever it is detected in the system, therefore it brings me the firewall to my mind.

The first time this happened to me it was a little bit different, though… It happened with a installer in particular, and it would bring me a message about not being able to write in /TEMP, just like when you try to install to a read-only folder. That time I uninstalled COMODO and then it worked, but I guess this is something apart, even though I risk to state that it may be the same cause.

That normally happens when something gets sandboxed. I had trouble with a few game executables (specifically Firefall) getting sandbox even though I added them to the trusted list.

In the end I was forced to do one of these:
A) Disable the Sandbox before running Firefall
B) Add Red 5 Studios to the trusted vendor list so the exe would be trusted regardless of what changed it underwent in memory.

Sadly there is no longer a spot to exclude applications from the Sandbox. The Rules of the Auto-Sandbox are insufficient to applications that change themselves post execution.

Yep
Thanks for the reply by the way…

By this moment I have the issue solved, but in a different form though:

Uninstalled from C: (which is the system drive) and installed again at D:.
For a reason COMODO behaved very differently when I wasn’t playing with something at C:, I guess this is the closest I can get to a conclusion about this.
There was, of course, the normal questioning like “Allow to connect to internet?” and “ is trying to change a register line, allow it?”, but the COMODO Software is definitively uneven about the treatment given to a file regarding where it is coming from, even if it tries the same action. (Techinicians and people from development, Am I wrong?)

That gives me a little bit of distrust. First time over years I get a little wary about COMODO effectiveness (still is the best choice, in my humble opinion). Can someone give me a light over this?

Files downloaded from the Internet are not seen as safe and treated as such.

Yes, EricJH. I know it.

What about the uneven treatment of a file depending where is the directory that it has been installed?

Thank you,
Piccini.

I am not quite sure what you mean. Could you describe the scenario more in depth?

This…

In a nutshell, the exact same thing installed in a partition different than the system’s one has been allowed, whereas when installed at C: it gets blocked…
I’m afraid my case might be something very isolated and even maybe not worth considering at all, but I thought it was worth mentioning it anyway.