Advice Request CFW/cs v12.2.2.8012 - No Containment Popup Messages running Windows 10 v21H1

Please provide comments and solutions that are helpful to the author of this topic.

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
This may have been discussed before but recently I went back to WD and added CF/cs again v12.2.2.8012. I have Containment configured as follows:

I. Image 1.png

According to @cruelsister's config video using CFW v10, she mentions that whether one has "Do not show privilege escalation alerts: Run Inside Container aka Run Isolated", checked or unchecked has to do with receiving popup messages. If checked, on should see a popup that says the questionable file has been Isolated, unchecked one should see a popup that displays options to choose.

At best trying both ways, all I see is a Green Border around the file, and then I have to go back into the main GUI and unblock the file if necessary.

I am running Windows 10 21H1. I have checked Windows Notifications, and noticed that CFW does not register as an App that I should allow to receive notifications from.

Has anyone else noticed this behavior with the latest version of CFW/cs on the latest Windows 10?
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Hi! Regarding the Privilege Escalation Box Check question: Consider we have 2 files identical save one will request Administrator Privilege while the other does not. Whether the Box is checked or unchecked will result in a single Containment popup. However if the box is unchecked you will note an additional Red popup that the file is requesting Unlimited System Access (giving the choice of Containing or allowing- for giggles, check your PM).

As to the Notification question, I can't really save as I have never enabled it.
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
Hi, @cruelsister. Thanks for getting back to me.

v12 for me does not mimic what v10 does for you.

I don't know if Comodo eliminated the extra alerts or there is a problem with my CFW config or my W10 system(See PM).

Maybe I need to downgrade to your version for additional alert verbosity but then I may have to run it in Compatibility mode since you are fond of Windows 7 Ultimate, and I have Windows 10 21H1.
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
Same config like you. I might get a Green Border but no message like yours at the lower right. What version of CFW are you using or are you using the full CIS but using cs settings?

Update: A little while ago, I reset the wbem repository file because my AV was not registering in the WSC. Now I get the message like yours with a suspect file in the lower right because for some reason CFW is now. registering in Windows Notifications. But still no Green Border.
 
Last edited:

Brahman

Level 16
Verified
Top Poster
Well-known
Aug 22, 2013
799
Newest CF With CS settings but enabled hips to safe mode and removed all vendors except that I use in my system and disabled cloud lookup in file rating settings. ( what this does is nothing runs be it digitally signed or unsigned without me adding the file's signature to vendors list, and everything that is not in vendors list runs automatically in sandbox.....ultimate default deny)

Untitled-1.jpg
Untitled-2.jpg
 
Last edited by a moderator:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top