Whether you can make the problem happen again, and if so precise steps to make it happen: execute the file CIS alerts that file sandboxed but file not in sandbox , Not even in trusted file list but file running in memory
Any other information (eg your guess regarding the cause, with reasons): N/A
B. FILES APPENDED. (Please zip unless screenshots).: Attached and ziped
Screenshots of the Defense plus Active Processes List (Required for all issues): Attached
Screenshots illustrating the bug: Attached
Screenshots of related CIS event logs: Attached
A CIS config report or file: Attached
Crash or freeze dump file: N/A
Screenshot of More~About page. Can be used instead of typed product and AV database version: Attached
C. YOUR SETUP:
CIS version, AV database version & configuration: CIS PRO 5.8.213334.2134, database 10577 , attached
a) Have you updated (without uninstall) from a previous version of CIS: Clean Install
b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: N/A
a) Have you imported a config from a previous version of CIS: No
b) if so, have U tried a standard config (without losing settings - if not please do)?: N/A
Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.):No, Config file Zipped and attached
But then why was it not in trusted file list and why did my setup become unresponsive anyways i restarted my computer and disabled everything in CIS and it solved the problem must say shadow defender is good soft hope comodo could have something like this
EXcellent issue report in standard format, thanks.
The config file is extremely helpful for deep analysis, but to avoid people having to load it could you give brief answers to section C.4 and C.5. I’d appreciate it because we are all volunteers here, and have limited time
[Edit]Also I assume by N/A in C.3 and C.7 you mean ‘No’?
Can I just clarify the process you went through:
You got an unlimited access alert, not an application isolated notification
You pressed the sandbox button on the alert
then you ran the file again, maybe and and pressed block instead
I think the file probably was sandboxed first time, unless you know different, the question is why was it not in unrecognised files?
Thanks very much. Just need to think this through to see if this constitutes a bug. File was looked up online at some stage, but why running with nothing in unrecognised files but APL showing sandbox=disabled status=unrecognised is unclear. Maybe because you blocked rather than sandboxed it second time it ran?
Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.
Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.