CIS 4 Beta release

Changes in Defense+
1 - Defense+ now includes a sandbox

We have introduced the COMODO Sandbox with CIS 4.x. The COMODO Sandbox is used in CIS for various purposes. The main purpose of the sandbox is to reduce the unnecessary Defense+ alerts while providing the optimum protection.

How does the COMODO Sandbox work?

COMODO Sandbox is a sandbox which combines the 2 concepts:

   1 - File system/registry virtualization
   The sandboxed appplications can be executed inside a virtualized file system and registry environment so that the rest of the system is not affected by these changes.
   2 - Least-Privileged User Account
   COMODO Sandbox, according to the restriction level, removes many of the privileges of a sandboxed process and applies many other operating system provided    restrictions.

By default, CIS is configured to automatically sandbox the unknown applications with the exception of Installers or programs that require administrative privileges. If an unknown program is a setup file or requests administrative privileges in its manifest, CIS will show a privilege elevation request.

In the current release, while automatically sandboxing, file system/registry virtualization is not enabled by default. Depending on the beta testing process, this might change.

All unknown and sandboxed applications are automatically moved to My Pending Files for further analysis.

2 - Automatic rule creation is disabled by default.

While D+ is in Safe Mode, it no longer creates D+ rules unless it is configured to do so by using "Defense+->Advanced->Defense+ Settings-> Create rules for safe applications".

3 - Installation Mode Removed
There is no longer an instalaltion mode in CIS4. If a file is treated as an Installer or Updater, CIS will automatically handle its operations. CIS automatically whitelists files dropped by trusted installers in My Own Safe Files list if a file is not already safe.

4 - COMODO Time Machine and Windows System Restore snapshotting through the popup alerts.
D+ popups now inludes an option to create a CTM or windows restore point snapshots. If CTM is installed, the option will be visible, if not windows System Restore is used instead.

5 - File submision through the popups is now possible

6 - Default D+ policy is hardened(COMODO Internet Security)
When installed as a full suite i.e. AV + FW, CIS default policy(COMODO Internet Security) is now hardened for more protection while providing fewer alerts with the introduction of automatic sandboxing.

Changes in Firewall

1 - Automatic rule creation is disabled by default
While FW is in Safe Mode, it no longer creates automatic FW rules unless it is configured to do so by using Firewall->Advanced-Firewall Behavior Settings-> Create rules for safe applications".

2 - Default Firewall Policy i.e. "COMODO Internet Security" changed
When installed as a suite i.e. AV + FW, default firewall policy is changed so that:

   1 - All incoming connections are blocked by default
   2 - All outgoing connections are allowed by default

Changes in Antivirus

1 - AV Updates
Unlike the previous versions, AV now reports the download status in a more granular way.
2 - Various improvements in the engine for better detection: i.e. better emulation, more unpacking etc.
3 - Improved cleaning support
The new engine introduces Disinfection support for the infected files in addition to deletion and quarantining. Also CIS4 now includes significantly improved file deletion, quaratining support to get rid of persistent files.
4 - Scanning in Safe Mode
cavsan.exe is designed in such a way that it can be used to scan for viruses in windows Safe mode or it can be used by various 3rd party applications through the commandline.
Doubleclicking on it will also allow the users to do virus scanning.

Changes in User Interface

1 - The user interface theme has been slightly modified to use the new theme. You will also notice some slight changes in various places.
2 - Seamless integration of LivePCSupport
COMODO LivePCSupport has been integrated into CIS and is a part of CIS from now on.

Other Changes

1 - Product installer has been replaced with Windows Installer and in the future BETA releases will also include a downloader.
2 - Windows shell commands have been internationalized(Scan with COMODO Antivirus, Run In COMODO Sandbox)

Please note that this is not a complete list of changes but some of the few we thought you might like to know.

Why is this BETA for?

1 - This BETA release is mainly required for us to see the INCOMPATIBILITY issues that can be observed with the introduction of the automatic sandboxing. Because automatic sandboxing introduces LPUA, some applications might have compatibility issues with CIS4 sandboxing.
We have been testing as many applications as we can however your feedback on this can not be replaced.

2 - The antivirus engine, although looks the same, has been reengineered significantly for variety of reasons. Your feedback on the STABILITY of the new engine is really valuable to us.

3 - Any other bugs you might have found is also very important to us


What are the known issues?

1 - We have not included all the user interface improvements to help you clearly see how the sandbox works. Although you can see it in D+ logs, we will be providing more visible enchancements to let you work better with CIS sandbox.
2 - We are aware of some applications that do not work if sandboxed unless the restriction level is set to unrestricted e.g. Google Chrome
3 - Although we have tested the release, the development is still ongoing and there might be serious issues that can affect your computers stability

What is new in version 4.0.129536.679?

This release addressed total 127 bugs that are either reported publicly or found during private testing. Here are some of the fixes:

FIXED! USB devices are not recognized while CIS is installed
FIXED! AV Scanner crashes while scanning some files
FIXED! CIS BSODs with Xlisoft Video Converter
FIXED! CIS keeps logging when logging is disabled
FIXED! CIS does not remember answers to some COM alerts
FIXED! CIS icon stays permanently in Windows 7 task bar
FIXED! Many incompatibility problems: Googlle Sidebar Consumes 100% CPU when sandboxed, Opera can not open default browser settings etc.
FIXED! AV full scanning status is not reflected properly in the summary screen

We are aware of some issues that cause incompatibility problems and we are still working on them.