A. THE BUG/ISSUE (Varies from issue to issue) Can you reproduce the problem & if so how reliably?:
Yes very reliably If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1.make sure auto sandbox is enabled
2.run an unknown application that is not listed in the unrecognized files list (if so remove from list)
3.click name of application in sandbox alert
4.notice file properties dialog window is displayed One or two sentences explaining what actually happened:
Clicking filename in sandbox notification displays the file properties window of said application. One or two sentences explaining what you expected to happen:
According to the help documentation and behavior of previous CIS versions, clicking filename in sandbox alert is supposed to open the unrecognized files list in comodo advanced settings window. If a software compatibility problem have you tried the advice to make programs work with CIS?:
Not applicable Any software except CIS/OS involved? If so - name, & exact version:
Any unknown application that hasn’t been introduced to the system yet or not already listed in unrecognized files list. Any other information, eg your guess at the cause, how you tried to fix it etc:
not applicable B. YOUR SETUP Exact CIS version & configuration:
CIS version 8.1.0.4426, proactive configuration Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
HIPS=disabled, Auto sandbox=enabled, Firewall=enabled, AV not installed Have you made any other changes to the default config? (egs here.):
Set HIPS to disable Have you updated (without uninstall) from CIS 5, 6 or 7?:
No, clean install if so, have you tried a a a clean reinstall - if not please do?:
Yes Have you imported a config from a previous version of CIS:
No if so, have you tried a standard config - if not please do:
Yes OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Windows 7 SP1 x64, UAC=disabled, admin account, real system non-VM Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=not applicable b=not applicable
Personally I think this is a help documentation issue, clicking the name in all other CIS alerts have always opened the file properties and it would make sense through consistency that it would do the same for Sandbox alerts, I haven’t used Sandbox much myself but I haven’t noticed any other behavior in the past from when I have used the sandbox, but perhaps I’m mistaken on that one.
I’m guessing they’ll change the help text rather than the function, more so if they are going to implement their own CIS “file properties” window like they recently did in CES.
I was thinking the same however on previous versions of CIS, clicking the filename did indeed open the unrecognized file list. So im guessing this is indeed a bug.
Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.
Developers may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.
Just an update, this is still a bug with the newest CIS release version 8.2.0.4508. According to the help documentation it specifically says
The alert will show the name of the executable that has been auto-sandboxed. The application will be automatically added to File List with the ‘Unrecognized’ rating.
Clicking the name of the application will open the File List interface with currently sandboxed application highlighted.</blockquote> [url=https://help.comodo.com/topic-72-1-623-7607-Understanding-Security-Alerts.html#sandbox_note]Source.[/url]
Although not really a big issue, this is not fixed in version 8.2.0.4591. It would be nice if clicking the file name in any alert type (e.g. firewall,defense+,sandbox) would open up the local file list with the file highlighted in which the user can either submit the file to comodo, perform an online lookup, or override the file rating.