Software Install/Update Mode for CIS to Avoid HIPS/BB Induced System Malfunction

1. What actually happened or you saw:

Upon installation HIPS is set to Safe Mode before running Rating Scan. Consequently, on my system CIS immediately adds files from Trusted Vendors, but digitally unsigned and/or not yet in the Comodo whitelist cloud, to the Unrecognized Files list and/or auto-sandboxes them before I can run a Rating Scan and transfer all Unknown Files to the Trusted Files list. Most notably it happens without fail to ATI/AMD Catalyst Control Center and its various components. CCC then malfunctions causing various issues up to and including an unbootable system (“Black Screen”). There have also been multiple instances where CCC was auto-sandboxed and I could not reset the sandbox (resetting the sandbox did not kill the processes running in the sandbox).

The above also applies to software updates. Sometimes application components are not digitally signed and/or not yet in the Comodo whitelist cloud. Causes identical issues.

2. What you wanted to happen or see:

A “Software Install/Update Mode” - preferably fully automated - to allow for the addition of newly installed software or updates before HIPS and BB block/auto-sandbox and cause serious system problems.

At the very least, upon installation of CIS there should be a large pop-up warning user to keep HIPS set to disabled until completing a Rating Scan and then transfer Unknown (but system critical) files to the Trusted Files list.

It would be ideal if CIS were programmed to detect updates of Trusted software. Prompt the user to switch to Training Mode before updating software, allow them to run a Rating Scan and add any Unknown files to the Trusted list, then prompt the user to switch back to Safe Mode.

                      There are any number of ways these potentially serious issues can be handled.

Now I know all of the above can be done manually, but my experience has shown that until you know what you’re doing, it can be highly problematic. In my worst case, my system became unbootable because HIPS and BB performed as designed, but unfortunately autosandboxed GPU drivers.

3. Why you think it is desirable:

To prevent software and/or system malfunctions due to HIPS and BB isolating system critical applications and processes - such as drivers. Some method needs to be integrated into CIS such that HIPS and BB do not cause unintended system issues, instability and/or malfunctions when software is installed and/or updated. It would be ideal if this process were fully automated.

It is necessary for novices…otherwise they will not know that HIPS and BB are working correctly; they may assume CIS does not work on their system, rate CIS as poor, and then abandon CIS completely - just as I once did until I figured it out.

4. Any other information:

Examples of HIPS and BB working as designed, performing as intended, but at the same time causing serious problems because files could not be added to Trusted Files fast enough:

I’m not sure if it’s intended or not (test execution error). HIPS is not enabled by default from my understanding.
Do correct me if I’m wrong.


As there has been no response, I will move this one to “Added/Rejected Wishes” section.

Thank you.