Comodo not sandboxing after upgrade...

Status
Not open for further replies.
porkpiehat

porkpiehat

Level 6
Thread author
Verified
Well-known
May 30, 2015
277
FW Block.. no green border, and yes that option is checked....
 
porkpiehat

porkpiehat

Level 6
Thread author
Verified
Well-known
May 30, 2015
277
I'm thinking, maybe uninstall Comodo, and install CFW, and go from there....is there an official uninstaller or will Revo do the job?
 
H

hjlbx

yesnoo said:
He haven't yet replied on green border & FW set to allow or block.
Click to expand...

Unfortunately, @porkpiehat 's experience is what happens when a user first starts using CIS = massive confusion.

@porkpiehat - when you say file is rated as Unrecognized, do you mean in your local CIS File List or by right-click Lookup (= Cloud\File Lookup Server) rating ?

Did you, by chance, have "Remember my answer" ticked in the HIPS alert when it prompted you to allow clt.exe to run. If you did this, CIS will create a HIPS Allow rule for clt.exe - and thus it will not be sandboxed even though it is Unrecognized.

Basically, in CIS, Trusted files are allowed to run, AND Unrecognized files with user-created HIPS Allow or Sandbox Ignore rules are allowed to run (and will not be sandboxed).

Does this clarify the issue ?
 
H

hjlbx

porkpiehat said:
FW Block.. no green border, and yes that option is checked....
Click to expand...

@porkpiehat

clt.exe needs network\internet access to work... after all, it is a firewall test suite !

So, if clt.exe is rated as Unrecognized in your CIS, then setting Firewall to "Do not show popups... Block" will block clt.exe from accessing network. clt.exe will not work...
 
H

hjlbx

porkpiehat said:
I'm thinking, maybe uninstall Comodo, and install CFW, and go from there....is there an official uninstaller or will Revo do the job?
Click to expand...

@porkpiehat

There is no official Comodo uninstaller. There is, however, an unofficial one that can be found on the Comodo forum. There is a specific thread that outlines its use. Be careful ! Used improperly it will delete all temp files... so make sure you have everything backed-up before using it.

It has been around for a number of years. I am not sure if it works properly on W10.

Whether you use CFW or CIS you can get equivalent results. With either one the user's experience with the soft is highly dependent upon settings.

If you are new to Comodo - whether it be CIS or CFW - disable the HIPS module and this should cut down on your frustration.

Whether you use CFW or CIS you are going to be confused\frustrated if you plan on fully exploring all the settings\functionality until you learn how they work and behave... you have to start somewhere and be patient.
 
Last edited by a moderator:
porkpiehat

porkpiehat

Level 6
Thread author
Verified
Well-known
May 30, 2015
277
ok, I've deleted the files from the file list, and HIPS list... maybe I had "Remember my answer" ticked... I'll have to keep my eye on that in future... I'll keep you updated...
 
H

hjlbx

porkpiehat said:
ok, I did the Comodo upgrade, and tested it with GRC Leaktest.... so on execution, the download was not sandboxed, whereas previously it was and I'd have to go through the process of getting it to run, etc.. then when the program was opened, Comodo allowed it to connect, whereas before I'd get the message connection could not be established... any ideas as to what is going on.. HELP...
Click to expand...

@porkpiehat

I apologize... I missed this post.

It could be a bug that was introduced into the new version 4674 - OR - it could be that GRC Leak Test is now rated as Trusted either by Comodo or by you in your local CIS File List. The second case is more likely.
 
H

hjlbx

porkpiehat said:
ok, I've deleted the files from the file list, and HIPS list... maybe I had "Remember my answer" ticked... I'll have to keep my eye on that in future... I'll keep you updated...
Click to expand...

@porkpiehat

If there was a\were HIPS allow rule(s) for clt.exe and GRC Leak Test then that means you inadvertently had "Remember my answer" ticked in the HIPS alert. So this would account for clt.exe and GRC Leak Test not generating alerts as before and not being sandboxed.

Can be quite confusing, innit ?

It's OK... it took me months to figure Comodo out. I installed it - got frustrated - uninstalled it - and abandoned it countless times. However, I always seem to come back to it... maybe it's a curse. :p Any how, over time I learned how to use it.

It will be all right...
 
  • Like
Reactions: porkpiehat
porkpiehat

porkpiehat

Level 6
Thread author
Verified
Well-known
May 30, 2015
277
ok, it seems like an oversight on my part, the tests that I downloaded are either being caught as viruses, or not being allowed to connect... sorry about that.. the learning curve continues, I guess... many thanks to everyone for all your help...
 
H

hjlbx

porkpiehat said:
ok, it seems like an oversight on my part, the tests that I downloaded are either being caught as viruses, or not being allowed to connect... sorry about that.. the learning curve continues, I guess... many thanks to everyone for all your help...
Click to expand...

@porkpiehat

Some antivirus detect GRC Leak Test as PUP... others block access to GRC web-page.

Disable Firewall "Do not show popups...Block" until after testing.

The CIS learning curve is both steep and long... at least it was for me. :D
 
H

hjlbx

porkpiehat said:
lol.... don't you know it.. but let's face it, the more effort you put into something, the more you get out of it.. :)
Click to expand...

@porkpiehat

It is just unfortunate CIS requires so much effort. The confusing settings - not to mention the confusing bugs (you will see what I mean as time goes on...).

This all leads to bad user experience with the product.

However, be that as it may, if you learn to use CIS at a very high level - using every one of it's features\advanced settings with skill - then you will learn a lot about IT security. I'm talking about configuring COMs, highly customized firewall rules, file access policies, etc, etc.

There's too much in CIS to cover here, but you know what I mean...
 
porkpiehat

porkpiehat

Level 6
Thread author
Verified
Well-known
May 30, 2015
277
yes, I've gathered from other comments on other posts, that Comodo is a monster of a program, in every sense... but it does what it does so well..
 
Status
Not open for further replies.

Similar threads

rashmi
    • Like
    • +Reputation
Serious Discussion Comodo Containment "Restricted" Restriction Level
Replies
24
Views
1,818
Comodo
rashmi
rashmi
rashmi
Question Comodo Firewall and AnyDesk
Replies
6
Views
756
Comodo
Bot
Bot
Shadowra
    • Like
    • +Reputation
    • Applause
  • Locked
App Review COMODO Internet Security 2025 Premium
Replies
117
Views
12,447
Video Reviews - Security and Privacy
Victor M
Victor M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top