With cloud & network disabled, file w. no cert is still 'found safe' [M367][v6]

Comodo Internet Security - CIS Resolved/Outdated Issues - CIS
1

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?:Everytime
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    STEP1-Disable Cloud lookup, analyze unknown files in cloud by uploading them for instant analysis.
    STEP2-Disconnect internet.
    STEP3-Restart.
    STEP4-DISCONNECT INTERNET. RUN ATTACHED HASHMYFILES.EXE. IT HAS NO DIGITAL CERTIFICATE.
  • If not obvious, what U expected to happen: IT SHOULD BE BLOCKED. INSTEAD FILE IS BEING ADDED TO TRUSTED FILES. DEFENCE+ LOG SAYS SCANNED AND FOUND SAFE. ALSO KILLSWITCH SHOWS THE PROCESS AS TRUTED. IN FACT THE FILE IS NOT SANDBOXED ACCORDING TO ANY OPTION SET IN BEHAVIOUR BLOCKER[I.E. AUTO SANDBOX UNKNOWN APPLICATION] PARTIALLY LIMITED, LIMITED, RESTRICTED, UNTRUSTED, BLOCKED.
  • If a software compatibility problem have U tried the conflict FAQ?: NONE
  • Any software except CIS/OS involved? If so - name, & exact version: NONE
  • Any other information, eg your guess at the cause, how U tried to fix it etc: NONE
  • Always attach - Diagnostics file, Watch Activity process list, dump if freeze/crash. (If complex - CIS logs & config, screenshots, video, zipped program - not m’ware) ATTACHED
    [/ol]

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
[ol]- Exact CIS version & configuration: 6, 1, 275152, 2801

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:All, HIPS=safe, BBlocker=Blocked, Firewall=Safe, AV=cloud is OFF
  • Have U made any other changes to the default config? (egs here.):NO
  • Have U updated (without uninstall) from a CIS 5?:NO
    [li]if so, have U tried a a clean reinstall - if not please do?:DONE
    [/li]- Have U imported a config from a previous version of CIS:NONE
    [li]if so, have U tried a standard config - if not please do:DONE
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:xp32sp3ver5.1build2600.xpsp_sp3_qfe.130307-0423 : Service Pack3, UAC=off, admin, VM not used
  • Other security/s’box software a) currently installed b) installed since OS: a=NONE b=NONE
    [/ol]

[attachment deleted by admin]

2

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again

Mouse

3

Can you please check and see if this is fixed with the newest version? Please let us know whether it is fixed or you are still experiencing the problem.

Thank you.

PM sent.

4

The devs have responded that this is expected behavior. The file is already saved as trusted via the local database.

Thus, I will move this report to Resolved.

Thank you.