COMODO Internet Security 6.0.258294.2626-39 Bug Reports

0. Issue.
Bypass CIS behavior blocker

1. Diagnostics report as attachment to your post
attached

2. The full product and its version
COMODO Internet Security 6.0.252829.2626

3. Your Operating System (32 or 64 bit) and Service Pack revision
Windows XP Pro SP3 32bit

4. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?
default configuration with AV disabled

5. Other Security and Utility Software Installed
none

6. Step by step description to reproduce the issue
(1) I run the .exe file, and it was not automatically sandboxed by CIS behavior blocker.

The .exe file is safe, and the .dll file is malicious.

(2) The QQ.exe was terminated.

The QQ.exe is an IM software made in China.

(3) I opened kill switch and saw the modules.

The kis.dll was injected in the process.

(4) I opened the autorun analyser and found out it.

(5)

http://valkyrie.comodo.com/Result.html?sha1=c2a61305d98668d4e55d9d03b92c89c2d5c6a971&&query=0&&filename=资料.exe

http://valkyrie.comodo.com/Result.html?sha1=b06c3cd489fc7474a547cdbfbf0e186e4d5510ed&&query=0&&filename=kis.dll

[attachment deleted by admin]

Good day ive just instaled cis latest beta and i`m making a full sacn and i notice that my cpu goes crazy up to 100% sometimes it just goes up and down , too much even in background seems to be vey agressive to the cpu ! should it be so cpu agresive?
i have windows 8 pro 64 bits with media center default config on cis
i have malwarebites not with real protection active
i have advance system care
i have sysrestore pro
vmwareworkstation
uniblue driver scaner
cc cleaner
u torrent
and not much programs

right now it is scaning and stil goin up very often!

Did you try changing the task priority to low?

Not a bug. You need to manually turn Windows firewall off.
Always been this way.

Please repost this in the correct format or it will be disregarded. See the first post page 1 for the format.
Thank you.

i did what you said and the scan went smooth , but one thing i notice is that it was very fast (full scan) is this normal only took one minute ! i reapeted several times (full scan) and its always fast and stops at file saying status:UPX ALWAYS STOPS AT THIS FILE (STATUS:UPX)
IS THIS NORMAL? THANK YOU VERY MUCH

  1. Summary of Issue
    When running Dragon sandboxed by opening it through the widget I cannot grab and drag the scrollbar by moving mouse all the way to the side, like you normally can with a browser when it is full-screen. I believe this is because of the green border.
  2. Diagnostics report as attachment to your post
    Attached.
  3. The full product and its version
    Comodo Internet Security Version 6.0.258294.2626
  4. Your Operating System (32 or 64 bit) and Service Pack revision
    Windows 7 x64 (Service Pack 1)
  5. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?
    Default
  6. Other Security and Utility Software Installed
    Just Comodo System Utilities.
  7. Step by step description to reproduce the issue
    When running Dragon sandboxed, by opening it through the widget, I cannot grab and drag the scrollbar by moving mouse all the way to the side of the screen, like you normally can with a browser when it is full-screen. I believe this is because of the green border.

I believe this happens because the green border effectively pushes the browser away from the side of the screen just enough that when you go to grab it with the mouse it is no longer touching the side of the screen. I believe that the intended behavior is for the green border to only be a visual affect, but to not actually push the edge of the browser away from the screen so that these sort of problems happen.

[attachment deleted by admin]

  1. Summary of Issue
    When threats are detected the antivirus scanning window does not readjust itself. This means that some of the information is now pushed past the bottom of the screen. I have attached a screenshot to show the behavior.
  2. Diagnostics report as attachment to your post
    Attached.
  3. The full product and its version
    Comodo Internet Security Version 6.0.258294.2626
  4. Your Operating System (32 or 64 bit) and Service Pack revision
    Windows 7 x64 (Service Pack 1)
  5. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?
    Default except that I chose to disable the real-time antivirus component permanently.
  6. Other Security and Utility Software Installed
    Just Comodo System Utilities.
  7. Step by step description to reproduce the issue
    When threats are detected during a manual scan the antivirus scanning window does not readjust itself. This means that some of the information is now pushed past the bottom of the screen. I have attached a screenshot to show the behavior.

This happens every time I run a scan and there are threats found.

[attachment deleted by admin]

This Beta 1 issue is not resolved:

Kiosk vulnerable to clipboard logging exploit..

This Beta 1 issue is not resolved:

Some software needing admin rights cannot be run in Kiosk unless you make it installer/updater in HIPS..

THis Beta 1 issue is not resolved:

The names given to the AV exclusions tabs are misleading, as are the menu options offered.

This Beta 1 issue is not resolved:

No enhanced protection mode setting for the Behavious Blocker. Now this is separate from D+, there should be. (See report for reasoning).

0. Issue.
Installer digitally signed and whitelisted (is on TVL) but its spawned temp files still get sandboxed

1. Diagnostics report as attachment to your post
ATTACHED

2. The full product and its version
Comodo Internet Security 6.0.258294.2626

3. Your Operating System (32 or 64 bit) and Service Pack revision
Windows 7 SP1 64bit

4. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?
Disabled “Detect installers and show privilege elevation alerts”. I prefer it this way so TVL stuff is automatically allowed and anything else unknown is automatically sandboxed without asking me if i want to run it Unlimited or Isolated.

5. Other Security and Utility Software Installed
None

6. Step by step description to reproduce the issue

DOESN’T FUNCTION CORRECTLY

  1. Disabled “Detect installers and show privilege elevation alerts”
  2. Download Burnaware Free ( http://www.burnaware.com )
  3. Burnaware Free installer is digitally signed
  4. When executed, installer DOESN’T get sandboxed because it’s signed
  5. burnaware_free.tmp a second later DOES get sandboxed
  6. burnaware_free.tmp shouldn’t get sanboxed because it was created by a signed and trusted EXE

FUNCTIONS CORRECTLY

  1. Enable “Detect installers and show privilege elevation alerts”
  2. Download Burnaware Free ( http://www.burnaware.com )
  3. Burnaware Free installer is digitally signed
  4. When executed, i don’t get any popups from CIS6
  5. Burnaware gets installed correctly

“Trust files installed by trusted installer” doesn’t seem to function correctly if “Detect installers and show privilege elevation alerts” is disabled. But in situations like this, CIS6 shoudln’t display any popups in either situation because the main installer is digitally signed and on TVL. Please fix this because i had the same issue with GOG version of game Theme Hospital that i’ve reported during BETA1.

[attachment deleted by admin]

0. Issue.
CIS6 preventing kMule from functioning correctly when auto sandboxed

1. Diagnostics report as attachment to your post
ATTACHED

2. The full product and its version
Comodo Internet Security 6.0.258294.2626

3. Your Operating System (32 or 64 bit) and Service Pack revision
Windows 7 SP1 64bit

4. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?
None

5. Other Security and Utility Software Installed
None

6. Step by step description to reproduce the issue

Download kMule (ZIP file) and set it to store all files and settings inside its own folder:

Run kMule.exe and let it get sandboxed as it’s unknown. It often happens that tray icon doesn’t ever appear. But this is random. Sometimes tray icon appears (very rarely), sometimes it doesn’t (most of the time).

It is also impossible to exit kMule in a normal way when sandboxed because Exit question dialog from kMule doesn’t even show up. You can see it in Task manager when you hide kMule window but you cannot bring it to front so you could confirm that you want to close kMule.

kMule used to work perfectly fine Partailly Limited in BETA1 on a non system disk as a portable app (all data inside its own folder), but now in BETA2 it’s having these idiotic problems.

If i add kmule.exe manually to the trusted list, it works properly. It seems like you have changed something in the Partially Limited mode and is now breaking the kMule from functioning properly.

THis Beta 1 issue is not resolved:

Some processes running in Kiosk appear as blank lines in application pane in Killswitch.

0. Summary of bug
Cloud Lookup does not start a second time on the same files.

1. The full product and its version
COMODO Internet Security 6.0.252829.2626

2. Your Operating System (32 or 64 bit) and Service Pack revision
Windows Vista 64 bit.

3. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?
None

4. Other Security and Utility Software Installed
None

5. Step by step description to reproduce the issue
*Put some files on the “Unrecognized files” tab
*Click on “Lookup”
*After Lookup is done, close the Lookup window
*Then try to do another cloud lookup with the same files.
*I need to click many many times to do another one.

[attachment deleted by admin]

0. Issue.
About the definition of sandboxed applications

1. Diagnostics report as attachment to your post
attached

2. The full product and its version
COMODO Internet Security 6.0.258294.2626

3. Your Operating System (32 or 64 bit) and Service Pack revision
Windows XP SP3 32bit

4. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?
default configuration

5. Other Security and Utility Software Installed
none

6. Step by step description to reproduce the issue
(1) I run the CLT.exe and the widget showed one sandboxed application.

http://i.imgur.com/wkW0g.png

(2) I clcicked on it.

“nothing in the list”

(3) I switched it to the “Show All Processes”.

Then the sandboxed application was appeared.

(4) The users might be confused.

Do the restricted applications belong to the sandboxed applications?

Do the sandboxed applications mean the virtualized applications?

[attachment deleted by admin]

  1. Summary of bug
    Changes default home page of browsers even though I choose not to. It tried to change homepage of Comodo Dragon v23, IE v10 and Firefox v16 [31]

  2. The full product and its version
    COMODO Internet Security 6.0.252829.2626

  3. Your Operating System (32 or 64 bit) and Service Pack revision
    Windows 7 64 bit and windows 8 64 bit.

  4. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?
    Default

  5. Other Security and Utility Software Installed
    Kingsoft AV, CPM 2 beta, TuneUp Utilities 2013 in win7 64bit and Tuneup Utilites 2013 in win 8 64bit

  6. Step by step description to reproduce the issue
    None. I changed default home page to bing.com by myself…

In my opinion, security solutions should not have right to change home page of user or should have option to change… Comodo should remove such option… Its okay to have such option for comodo browser but not for security solutions … I’m disappoint with egemen and team for such actions…

  1. Summary of bug
    CIS crashes while clicking on purge in firewall application rules

  2. The full product and its version
    COMODO Internet Security 6.0.252829.2626

  3. Your Operating System (32 or 64 bit) and Service Pack revision
    Windows 7 64 bit and windows 8 64 bit.

  4. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?
    Default

  5. Other Security and Utility Software Installed
    Kingsoft AV, CPM 2 beta, TuneUp Utilities 2013 in win7 64bit and Tuneup Utilites 2013 in win 8 64bit

  6. Step by step description to reproduce the issue
    Everytime I click on purge on application rules of firewall settings, it crashes. And also purge action never completes…

  1. Issue. Threat found with full scan but with just name and nothing else, see pic. [32,33]

  2. Diagnostics report as attachment to your post: attached

  3. The full product and its version e.g. COMOOD Firewall 6.0.258294.2626

  4. Your Operating System (32 or 64 bit) and Service Pack revision Windows 7 64 bit SP1

  5. List all the configuration changes you did. Are you using Default configuration?
    Behavior blocker to restricted, firewall do not show alerts unchecked, unchecked enable trustconnect, Stealthed ports to alert to incoming connections. Unchecked show welcome screen/play sound/show information messaged…, updates for database set to 2 hours

  6. Other Security and Utility Software Installed: none

  7. Step by step description to reproduce the issue
    Run a full scan threat is found as aspack but nothing else is listed there. Checked computer with MBAM nothing found. Will check with emsisoft, norton, superanti spyware and anything else to see if I can verify. If I select clean it says cleaned but nothing appears in Quarantine.

[attachment deleted by admin]