The bug/issue
- What you did: While in Clean PC mode downloaded a new program, ran it, removed it from Unrecognized Files, then ran it again.
- What actually happened or you actually saw: After the first run it was blocked. Removed it from Unrecognized Files. Ran it again. Program appears in Trusted Files and runs.
- What you expected to happen or see: Every time it is run it should be blocked. It should not go into Trusted Files unless explicitly done so.
- How you tried to fix it & what happened:
- If it’s an application compatibility problem have you tried the application fixes here?:
- Details & exact version of any application (except CIS) involved with download link: Any application.
- Whether you can make the problem happen again, and if so precise steps to make it happen: Yes. a) Set Clean PC mode in D+ b) Download any application c) Run the application d) Application blocked as expected e) Remove application from Unrecognized Files list (use Remove button) f) Run the application g) Application runs h) Application shows in Trusted Files
- Any other information (eg your guess regarding the cause, with reasons):
Files appended
- Screenshots illustrating the bug:
- Screenshots of related CIS event logs or the Defense+ Active Processes List:
- A CIS config. report or file:
- Crash or freeze dump file:
- Screenshot of More~About page:
Your set-up
- CIS version, AV database version & configuration used: 5.5.195786, 10265, Internet Security config
- a) Have you updated (without uninstall) from CIS 3 or 4: No
b) if so, have you tried reinstalling (if not please do)?: - a) Have you imported a config from a previous version of CIS: No
b) if so, have U tried a preset config (if not please do)?: - Have you made any other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here.): Trying to set a mode where all files currently on the PC are trusted and nothing else is.
Execution Control Level:
-
Treat unrecognized files as Blocked
-
Perform cloud based behavior analysis of unrecognized files=off
-
Automatically scan unrecognized files in the cloud=off
-
Deleted C:\Program Files\COMODO\COMODO Internet Security\database\vendor.n in order to remove Trusted Software Vendor list.
- Defense+, Sandbox, Firewall & AV security level: D+=Clean PC, Sandbox=Enabled, Firewall=Safe, AV=Stateful
- OS version, service pack, number of bits, UAC setting, & account type: Windows 7, SP1, 32 bit, On, Admin account.
- Other security and utility software installed:
- Virtual machine used: