WinRAR is interrupted by CIS...Why?

https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/thats_it_ive_had_it_goodbye_comodo_is-t44780.0.html;msg325088#msg325088

I reinstalled CIS and followed the link below.

https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/how_to_achieve_max_security_with_zero_alerts-t44371.0.html

I even got to solve my old problem using this solution: https://forums.comodo.com/profiles/vgi-u68151.html;sa,showPosts;start,15

Now I have a new problem. Seems like CIS thinks that WinRAR is evil and it interrupts its process of unpacking certain zip files I downloaded for the game Arcanum.

CIS’ detects that WinRAR is trying to modify a file, hence it suppresses it.

Action: Modify file, Suppressed.

Take note, I have WinRAR installed already when I did a fresh reinstallation of the latest CIS. What can I do about it? I never had this problem before I deleted my first installation of CIS.

CIS is even not trusting COMODO BOClean.

I don’t know how to post pics in forums, so I may not be able to show you guys any pics.

I’ve taken pics though, so all I need are instructions on how to post pics.

It is interrupted because you’ve told CIS to block any unknown process silently…

That is the problem with the parental max security method. You’ve told it that you want to block everything, (max security) and not alert you to the fact that it has done this. So, you’re running your system in a limited usability mode. It is by default blocking anything that doesn’t have a policy created for it, and since you get no alerts, you can’t create policies on the fly.

As for screenshots, see screenshot.

[attachment deleted by admin]

So what do I do now? I thought all software prior to the installation of CIS will be treated nicely and won’t be blocked by Defense+? Defense+ is just to darn aggressive. Reminds me of a paranoid security guard even though I have it set on Clean PC mode as stated in:

https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/how_to_achieve_max_security_with_zero_alerts-t44371.0.html

Thank you for telling me how to insert pics.

[attachment deleted by admin]

Yes, Defense+ is pretty aggressive when you configure it for maximum security. That is the whole point. :wink:

As for the clean PC mode question, I don’t run in clean PC mode so I don’t know how it behaves in conjunction with the proactive settings. Hopefully someone with experience there will speak up.

Hi VGI.
The wierd thing here is having D+ in “Clean PC” and not allowing WinRar to run. Because in “Clean PC” mode any .exe in your PC is allowed to run, furthermore you should have a security policy in Defence + with WinRar.

Now I have a new problem. Seems like CIS thinks that WinRAR is evil and it interrupts its process of unpacking certain zip files I downloaded for the game Arcanum.

Now if WinRar is opening and when you try to use it on a file and CIS comes with an alert about WinRar trying to change and executable, registry key, or file/folder, and you allowed it and CIS does not remember or suppress the action. You must go to the access right of that policy and change the rules.
Also you can go to Defence + > Computer Security Policy > C:\ Program Files\WinRAR\WinRAR.exe and remove it, then execute WinRar and this time allow it and click “Remember my Answer”.

I use Paranoid Mode in D+ and WinRar opens any .Zip .Rar .bat files without problem, however when I click anything inside that file .exe or file, always get alerted by CIS that WinRar wants to execute or change something of that program that I just clicked because my rules are set that way. See my attachment, there you can change anything you like in “access right” and then “Modify”. Remember to click apply for it to set up.

[attachment deleted by admin]

Well, we have another issue about Defense+ alerts. In my case, I did what this link told me:

https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/how_to_achieve_max_security_with_zero_alerts-t44371.0.html

I don’t have anymore alerts thanks to the link above.

I know that Defense+ blocks WinRar because I checked it out in the Defense+ logs. I actually thought that the zip file that I downloaded for the game Arcanum was password protected, but I checked the Defense+ logs and realized that WinRar was blocked by Defense+ when WinRar came to unzipping the exe files. Other files in that zip file was unzipped successfully though.

But since I followed the steps in the above link, I do not get anymore alerts, hence I cannot take the possible solution that you have stated.

I am still in the same dilemma.

Here is a another way to go. First step is to delete the rule for Winrar under Computer Security Policy. Then add Winrar to My Own Safe Files. Go to Defense + → Common Tasks → My Own Safe Files → Add → Browse Files → navigate to and select Winrar → Apply → Close.

Now try again.

Do I select the entire folder of WinRar?

It doesn’t work. I delete the rule for Winrar under Computer Security Policy, then I add the entire WinRar folrder (subfolders included) to My Own Safe Files following the steps you stated here. (They don’t appear on the My Own Safe Files list though.

Then I try WinRar again, and I encounter the same old problem as if I didn’t do anything.

I check CIS, and lo and behold, the WinRar rule is back under Computer Security Policy at the very end of the list.

Maybe me doing what
https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/how_to_achieve_max_security_with_zero_alerts-t44371.0.html stated has something to do with it?

[attachment deleted by admin]

I forgot to mention that you only need to add the .exe and .bat files you will find the Winrar folders. Sorry about that.

I also see you still have parental controls enabled (it says suppressed in the logs). Please disable them, that wayy you will get alerts. Not all actions are shown under the action column. Is there more information there?

Well, it works now.

I guess it wasn’t such a good idea not to have any alerts, as the alert window gives you many options as to how a certain program should be treated by CIS. Am I right?

I told CIS to treat this application as “Trusted Application” and I ticked on the “Remember my answer” box.

This solves it, right?

Yes. As I mentioned earlier, that is the big drawback to running maximum security with no alerts. You’re running in a limited usability mode. Not a bad plan for kids, but for a normal user, too restrictive.

That should do it.

Then I guess its, “Atlast, problem solved.”

At least for now.

Thank you all. You’ve been a great help.