Upgrade applications with containment activated?

Noiden · August 25, 2017, 12:19pm

Hi,

I got an update to my CrashPlan application, It’s an update where the CrashPlan Client downloades the update file and install it.

But I had no luck to install it, so I guess the installation when into a containment (sandbox) and did not update the Client that’s installed on the computer.

Is there some kind of setting for this? Or do I have to turn containment off when this updates happens?

Best Regards.

dittoit · August 25, 2017, 12:57pm

How are you updating the application? is it auto or are you manually installing, is it silent or do you see the progress? if you see a green box arround it then yes its run in containment.
you need to allow these kind of files in the whitlists. see attached PDF.

FYI i usuall add a random folder in the C Drive so C:\randomfolder so if you ever run into this again put the file in this folder and it will install
James.

GBS-ITSMwhite-listingbypath-300317-2058-26 (002).pdf (299 KB)

Noiden · August 25, 2017, 1:45pm

This update was a silent one that the application started by itself, I got an error that it could not update and then I i looked up contained processes and found it there. The workaround I did now was to disable containment for 15 minutes.

Anyway, if I using the deployment function of applications in Comodo One they will not run as contained? Or do I have to whitelist them first? =)

Thanks for the help document.

dittoit · August 25, 2017, 1:49pm

That is a good question, i would expect the install to be fine as C1 should know about the updates it is presenting.

Comodo could answer?

Oliver_C · August 25, 2017, 5:19pm

Hi @Noiden and @dittoit ,

Applications deployed thru C1 will not guarantee that the application will not be contained nor automatically be rated as Trusted. Determining trust level is an independent process. Please proceed to white-listing by path to prevent future updates to result in containment.

Regards,
Oliver

nct · August 30, 2017, 11:37pm

Suggest you try excluding these folders from virus checking and containment. Replacing administrator with the appropriate username.

C:\Users\administrator\AppData\Local\Programs\CrashPlan*
C:\Users\administrator\AppData\Local\CrashPlan*
C:\ProgramData\CrashPlan*
C:\Users\administrator\AppData\Local\Programs\CrashPlan*
C:\Program Files\CrashPlan*

dittoit · August 31, 2017, 7:30am

you could do this as a “catch all”

C:\Users*\AppData\Local\Programs\CrashPlan*
C:\Users*\AppData\Local\CrashPlan*
C:\ProgramData\CrashPlan*
C:\Users*\AppData\Local\Programs\CrashPlan*
C:\Program Files\CrashPlan*