CCAV Ask for Untrusted Doesn't Properly Sandbox Files

1. What actually happened
The application AntiTest.exe was launched outside the sandbox when answering “Run in Sandbox”

2. What you did to cause that to happen, step by step
0) Set Sandbox to always ask for unknown files.
I) Download SpyShelter Test Tool.
II) Unpack it with the password provided on the website linked above.
III) Double-click the unpacked AntiTest.exe file
IV) Click Ignore Once repeatedly for the AV alerts, alternatively turn off the AV module.
V) Answer “Run in Sandbox”
VI) Answer UAC alert with Yes/OK
VII) Answer “Run in Sandbox”
VIII) AntiTest.exe launches outside of Sandbox.

IX) Right-click AntiTest.exe and click COMODO Cloud Antivirus → Run in COMODO Cloud Antivirus Sandbox.
X) Answer UAC alert with Yes/OK.
XI) AntiTest.exe launches IN the Sandbox.

3. If you repeat these steps does the same thing always happen
Yes.

4. What you expected or wanted to happen
AntiTest.exe to be sandboxed or alternatively blocked when answering “Run in Sandbox”, not to be started outside of Sandbox.

5. Operating system, whether 32 or 64bit, and service pack number
Windows 10 Pro 64bit version 1703 Build 15063.138
CCAV full version number (from Help ~ About)
Product Version: 1.10.413855.478 ← That isn’t copy-pastable btw, please fix that as well.

6. Any other security or sandbox software installed now or previously
Previous:
SpyShelter Firewall
Current:
Zemana AntiLogger
HitmanPro.Alert!
Windows Firewall Control

7. Does this problem occur if you load the default configuration and reboot
No, resetting the settings causes Sandbox setting to revert to Always sandbox unknown files, with this setting the file will be sandboxed. Setting it to always ask and then answering “Run in Sandbox” on the alert causes the file to run outside of sandbox. Something is wrong with the “Ask” option.

8. Any other relevant information (eg Your guess at the reason for the bug)
N/A

Report and log can be found in Resources.zip which is attached, video of the issue can be downloaded here: MEGA

Hi,
Can’t produce it, it work as expected.

Lets see if someone else can produce it.

Thanks
-umesh

Same happens to me, With CCAV sandbox configured to Ask for untrusted applications.

Note; if the sandbox is configured to Sandbox all untrusted applications then the AntiTest.exe was sandboxed.

https://imgur.com/a/xPmqB

Window 10 64bit V1703
Comodo Cloud Antivirus v1.10.413855.478

download link to video (recorded with vlc)
http://www.yourfilelink.com/get.php?fid=1345310

Hi BlueTesta,
May you please share OS Build number as seen from winver.exe ?

thanks
-umesh

Window 10 V1703 (OS-Version 15063.138)

Comodo Cloud Antivirus v1.10.413855.478

hmm, i have exactly same build.
Next question, did you upgrade or fresh install?

Thanks
-umesh

first i upgraded windows 10 to the lastest verison, and then i installed the lastest CCAV version from the forum

Thanks, let me get back on this.

I pretty much had the same upgrade path as BlueTesta but specifically with Release Preview version of Windows (slowest Insider Preview ring)

Edit: If there’s any kind of testing you want me to do, or some diagnostics etc, then you need only ask and detail what it is you want me to do.
Edit 2: Btw, I uninstalled all other security applications and killed pretty much all other processes in order to test if it was an incompatibility, issue still persisted.

Hi Sanya,
We are still looking at and will get back to you if we need ant modified module to try on your PC.

Thank you
-umesh

The update i recived from Umesh fixed the bug on my pc :-TU

Video
http://www.yourfilelink.com/get.php?fid=1346083

hopefully Sanya can confirm this, on her/his pc to.

Should be fixed with Comodo Cloud Antivirus v1.11.417572.505 moving to resolved.