Comodo FileList Confusion

  • Thread starter Deleted member 2913
  • Start date
Status
Not open for further replies.
D

Deleted member 2913

Thread author
I am confused with FileList - Unrecognized Files

I use default CIS settings.

I installed 2 programs.

There was no Unlimited Rights Alert.

The programs were not autosandboxed.

Sandboxed Apps option on the CIS main GUI shows "0".

When I run the 2 programs there is no green border.


FileList - Unrecognized Files - Shows many files related to those 2 programs.


It seems the programs were not sandboxed so why all the files in unrecognized list?


Both the programs were downloaded & installed after CIS install.
 
viktik

viktik

Level 25
Verified
Well-known
Sep 17, 2013
1,492
is Auto-sandbox Enabled?

2007391.jpg



  • Have you done setting as shown below for "Unrecognized application"
  • Set origin to "Any" for all three locations
2007392.jpg
 
D

Deleted member 2913

Thread author
Autosandbox was enabled.
I know to change the settings to "Any" but I am not talking about that here.

I want to know, the settings were default, programs were not sandboxed so why all those files related to those programs in unrecognized filelist?
 
H

hjlbx

Thread author
yesnoo said:
I am confused with FileList - Unrecognized Files

I use default CIS settings.

I installed 2 programs.

There was no Unlimited Rights Alert.

The programs were not autosandboxed.

Sandboxed Apps option on the CIS main GUI shows "0".

When I run the 2 programs there is no green border.


FileList - Unrecognized Files - Shows many files related to those 2 programs.


It seems the programs were not sandboxed so why all the files in unrecognized list?


Both the programs were downloaded & installed after CIS install.
Click to expand...

@yesnoo

Do you remember if all the individual modules (e.g. *.exe, *.dll) were rated as Unrecognized - or - just some of them?

CIS will only sandbox modules that are loaded into active memory. Often, when a file is executed, only a few of its modules are loaded into memory. If none of the Unrecognized modules are loaded, then there will be no sandbox alert\sandboxing.

If you open the CIS Task Manager while those two apps are running, it will show on the right the Comodo file rating. If you see the files rates as Unrecognized then there should be HIPS (if enabled) and sandbox alerts. Obviously, you are already aware of this fact... I'm just trying to give you something that will help with troubleshooting.

Best Regards,

HJLBX
 
D

Deleted member 2913

Thread author
Some files were in unrecog list.

If I remember correctly, when I run those programs & checked with KillSwitch, Virtualization for those programs was mentioned as disabled.
 
H

hjlbx

Thread author
yesnoo said:
Some files were in unrecog list.

If I remember correctly, when I run those programs & checked with KillSwitch, Virtualization for those programs was mentioned as disabled.
Click to expand...

It is better to check File Rating of running app by using CIS Task Manager.
 
Rolo

Rolo

Level 18
Verified
Jun 14, 2015
857
yesnoo said:
If I remember correctly,...
Click to expand...
...and if you don't, you're on a wild goose chase. Always document/verify your settings (never say, 'default') and document the output. I've made a lot of money "fixing" computers and networks that were just misconfigured.
 
Status
Not open for further replies.

Similar threads

Brownie2019
    • Like
On Sale! AVG Ultimate 1PC,1Yr, $ 10,92
Replies
0
Views
212
Discounts and Deals
Brownie2019
Brownie2019
Menace4199
    • Like
  • Locked
Managed by administrator
Replies
2
Views
476
Windows Malware Removal Help & Support
nasdaq
nasdaq
E
  • Locked
No Reply need help! problem with oneetx.exe; cant remove it please help
Replies
18
Views
2,090
Windows Malware Removal Help & Support
icotonev
icotonev

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top