Kiosk crash/termination leads to inop syst until force rbt/logoff [M550]

I’m sorry, but as I am unable to reproduce it, the only way I can forward it is if someone who is experiencing this issue creates a formatted bug report. It’s likely then that there is something particular about the systems, either configuration, other installed programs, hardware, etc… which is causing this.

Without enough information to diagnose that I’m afraid the devs would not be able to solve this.

After killing the Virtual Kiosk processes (details provided below), if I try to launch virtkiosk.exe from sandbox mode, the bar at the bottom reappears (I use Touchscreen mode), but if I click the button to return to Windows, it doesn’t work, and if I click the Exit button I get a black screen, because I’m still in sandbox mode but the processes are closed. If I press CTRL+ALT+DEL, I go to a logonui.exe screen, and if I start the Task Manager, it opens outside the black screen, so I can’t see it.

A. THE BUG/ISSUE (Varies from issue to issue)
  • Summary - Give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?:
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    Option 1

• Start Virtual Kiosk;
• In Virtual Kiosk, open a folder. In the folder path (in the top) write “c:\windows\system32\taskmgr.exe”. So it will run.
• Find virtkiosk.exe processes and kill them.

Option 2

• Start Virtual Kiosk;
• Download Process Explorer from here Process Explorer - Sysinternals | Microsoft Learn.
• Extract procexp.exe and run it in the Virtual Kiosk environment.
• Kill virtkiosk.exe processes. The first time kill first the virtkiosk.exe parent and then the child, the second time kill first the virtkiosk.exe child and then the parent. The child is placed under the parent.

Option 3

• Start Virtual Kiosk;
• Open Killswitch in the Virtual Kiosk.
• Kill virtkiosk.exe processes.

  • If not obvious, what U expected to happen:
    The user should be able to return to Windows.
  • If a software compatibility problem have U tried the conflict FAQ?:
    NA
  • Any software except CIS/OS involved? If so - name, & exact version:
    NA
  • Any other information, eg your guess at the cause, how U tried to fix it etc:
    Don’t know.
  • Always attach - Diagnostics file, Watch Activity process list, dump if freeze/crash. (If complex - CIS logs & config, screenshots, video, zipped program - not m’ware)

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
  • Exact CIS version & configuration:
Comodo Firewall 6.2.282872.2847. Proactive Security.

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
    I enabled HIPS in Safe mode. Advanced Protection Mode enabled
  • Have U made any other changes to the default config? (egs here.):
    I enabled HIPS in Safe mode. Advanced Protection Mode enabled
  • Have U updated (without uninstall) from a CIS 5?:
      • if so, have U tried a clean reinstall - if not please do?:
  • Have U imported a config from a previous version of CIS:
      • if so, have U tried a standard config - if not please do:
  • OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
    Windows 7 Professional 32-bit
  • Other security/s’box software a) currently installed b) installed since OS: a=Avira Free Antivirus b=ZoneAlarm Free Firewall, Online Armor Free, Microsoft Security Essentials.

I wrote this post quickly. I will post more details when I have more time.

I’m waiting for an answer.

P.S.: excuse me for my English :)

Richard

I have added the framework for the correct format into your above post. I also filled in any information I could.

Most of what needs to be there for a bug report is now in place. However, I still need some more information from you. Please answer the following questions.

Did you update from CIS 5?
If so, did you uninstall CIS 5 and then install CIS 6, or did you install CIS 6 over CIS 5?

Also, did you import a configuration from a previous version of CIS?

Also, do you have UAC enabled?
Are you running your computer as an administrator or did you switch to a limited account?

In addition to the answers to these questions the only other things I need from you are for you to attach your diagnostics report and the Process List. If you’re not sure about how to get either of these, or have questions about the above questions, please feel free to ask me. I am absolutely willing to help and would really like this bug to be addressed.

Thank you.

I can tell you I have not upgraded from a previous version and I have UAC cranked on maximum. I mention that because that is a Windows setting that I manually set to its highest setting possible and then make it ask for a username and password on the secure desktop when admin actions are needed. As for specific config and details about software/processes I am running I cannot give that out.

For a bug like this, which may be complicated, this sort of information is required for a bug report. Thus, let’s hope that RickyDefended will be able to supply enough information for a bug report.

Answers for Ciron

Did you update from CIS 5? Yes, I did.
If so, did you uninstall CIS 5 and then install CIS 6, or did you install CIS 6 over CIS 5?
I installed CIS 6 over CIS 5. But afterwards I needed to uninstall CIS 6 and reinstall it.

Also, did you import a configuration from a previous version of CIS?
No, I didn’t.

Also, do you have UAC enabled? Yes, level 4 (the max).
Are you running your computer as an administrator or did you switch to a limited account? Administrator


Main format (I don’t know if I did it well):

A. THE BUG ISSUE (Varies from issue to issue)
  • Summary: Pls give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?: Always.
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    a. I launched Virtual Kiosk.
    b. In the Virtual Kiosk, I launched Process Explorer, downloadable here: Process Explorer - Sysinternals | Microsoft Learn (here there is v15.31, I used v15.3, therefore I attached Process Explorer that I used).
    c. I killed the virtkiosk.exe child process without errors using Process Explorer in Virtual Kiosk (child is under the parent).
    d. I killed the virtkiosk.exe parent process without errors using Process Explorer in Virtual Kiosk.
    e. Desktop and bar in the bottom disappeared. Now I can’t return to the Windows environment.
    This happened also with some viruses that I executed in Virtual Kiosk: they kill all the processes they can, and so when I launched them the bar in the bottom disappeared and so I cannot return to the Windows environment without the log off. These steps can be done also with Killswitch.
  • If not obvious, what U expected to happen: virtkiosk.exe processes should be protected against processes inside (and preferably also outside) Virtual Kiosk. They should not be able to kill Virtual Kiosk processes.
  • If a software compatibility problem have U tried the conflict FAQ?: I don’t think it is a software compatibility problem.
  • Any software except CIS/OS involved? If so - name, & exact version:
    Process Explorer v15.3
    Comodo Killswitch 6.2.282872.2847
  • Any other information, eg your guess at the cause, how U tried to fix it etc:
  • Always attach - Diagnostics file, Watch Activity process list, dump if freeze/crash. (If complex - CIS logs & config, screenshots, video, zipped program - not malware)

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
  • Exact CIS version & configuration: Comodo Firewall 6.2.282872.2847, Proactive

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV: D+/HIPS enabled = Safe, Autosandbox/BBlocker enabled = Not safe (Non sicuro), Firewall enabled = Safe, File evaluation = Cloud. I believe Comodo Firewall (free version) doesn’t have the AV, but I’m not sure.
  • Have U made any other changes to the default config? (egs. here):
    Yes. In the firewall, I enabled the filter for IPv6 and loopback traffic, the filter for fragmented IP traffic, and the protocol analysis, but anti-ARP spoofing isn’t enabled.
    In the HIPS I didn’t check the textual popup advice and I didn’t enable the adaptive mode. The advanced protection mode is enabled (Modalità di protezione avanzata).
    In the HIPS rules I set only Cheat Engine because it isn’t recognized by Comodo and otherwise it shows advice about it each time.
  • Have U updated (without uninstall) from CIS 5: Yes, but afterwards I uninstalled it and installed CIS 6.
      • if so, have U tried a clean reinstall - if not please do?: Yes.
  • Have U imported a config from a previous version of CIS: No
      • if so, have U tried a standard config - if not please do:
  • OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
    Windows 7 Professional, SP1, 32bit, UAC=Max level (4), admin, VM not used
  • Other security/sandbox software a) currently installed b) installed since OS:
    a) Avira Free Antivirus 13.0.0.3640 b) None
    My previous security software was ZoneAlarm and Online Armor. Before installing Comodo, I uninstalled ZoneAlarm and installed Online Armor. Then I uninstalled Online Armor and installed Comodo.


Great bug report. Thank you very much.

However, I thought you had previously said that other AV’s had previously been installed on the computer. If so these should be included in B7.

Also, if you can, please upload one of those pieces of malware which also cause this to VirusTotal and put a link in your bug report. This will allow me to flag it as critical, which usually means greater attention, as the link would prove that there is currently malware out there in the wild which can cause this.

I will forward it as soon as you have added the VirusTotal link.

Thanks.

Excuse me, what is B7?

Can I attach virus here in a password protected archive?

Sorry, this is the part which states “Other security/sandbox software a) currently installed b) installed since OS”. I’m asking whether other security software used to be installed on the computer, but is now removed. That is what should be listed in part b.

Sure, just don’t post the password in your bug report. Tell the devs that they can contact you for the password.

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again.

Can you please check and see if this is fixed with the newest version (6.3.294583.2937)? Please let us know whether it is fixed or you are still experiencing the problem.

Thank you.

PM sent.

Can you please check and see if this is fixed with the newest version (7.0.313494.4115)? Please respond to this topic letting us know whether it is fixed or if you are still experiencing the problem.

Thank you.

PM sent.

The devs are not able to replicate this behavior. Therefore, it seems that this may have been fixed. I will therefore move this to Resolved.

RickyDefended, if you are still experiencing this issue please let me know and I can move it back for further processing.

Thank you.

Hello,

Excuse me if I took so long to reply. I was very busy and I am not English, so I took a lot of time to write this post (and I hope it is grammatically correct).

I am sorry, but with version 7.0.317799.4142 the problem still occurs.
To reproduce this problem, follow these steps:

  1. Download packaged version of Process Explorer from here (Process Explorer - Sysinternals | Microsoft Learn);
  2. Extract only “procexp.exe” program, and put it on the Desktop;
  3. Start Virtual Kiosk desktop
  4. Click the “C” (bottom-left corner)
  5. Click “Settings” (third option starting from the bottom) in the menu that appears
  6. Instead of tablet mode, set classic mode
  7. Find “procexp.exe” on Desktop
  8. Right-click on “procexp.exe”, then launch it as administrator
  9. If a UAC message appears, answer Yes
  10. If the processes view is not tree view (in tree view child processes are below their parents and a bit more right than them), then click “Show Process Tree” (this button should be just below the row with “File”, “Options”, “View” etc menus, you can check if it is the right button by leaving mouse pointer on it and waiting, the description of the button should appear after a while)
  11. Click “Options” menu, then uncheck “Confirm Kill”
  12. There should be a “virtkiosk.exe” process with a “virtkiosk.exe” child (the latter should be below the first, and a bit more right than the first). Click it once with the left button (practically select it).
  13. Press Del, so it will be killed
  14. You should immediately come to the normal environment, so open the Virtual Kiosk again.
  15. You should find Process Explorer still open
  16. Select again the virtkiosk.exe parent process (the virtkiosk.exe process above the virtkiosk.exe child process)
  17. By pressing Shift-Del on keyboard, Process Explorer should kill both virtkiosk.exe parent process and virtkiosk.exe child process
  18. Now what happens in my PC is that the bar at the bottom disappears and so I can’t come back to the normal environment (outside Virtual Kiosk). So the problem occurs again

Explanation
When you launch Virtual Kiosk, a program called “virtkiosk.exe”, placed in the same folder as “cis.exe”, “cistray.exe” and other Comodo programs, will be executed. It runs another “virtkiosk.exe” process, which we will call the child of the first “virtkiosk.exe” (which we will call the parent process). The child executes all the applications the user wants to execute. So you can execute everything, including, in this case, Process Explorer.

After Process Explorer loads, it is possible to kill each process in the Sandbox (including the two virtkiosk.exe processes, which seem to be considered in the Sandbox). If you kill any of the virtkiosk.exe processes (only one of the two processes), the other exits and you return to the normal environment. Because it’s difficult to kill two processes at the same time for technical reasons (you should press the Del button twice almost instantly), we can use the option “Kill Process Tree” of Process Explorer. But Process Explorer is a child of the second virtkiosk.exe process, so, if we try this option, Process Explorer will kill itself before trying to kill one of the two virtkiosk.exe processes. So we will kill one of the two virtkiosk.exe processes (in this case the parent), the other will exit and the tree will no longer exist.

When we start Virtual Kiosk again, we will find Process Explorer (which is still running). Before, Process Explorer was the child of the second virtkiosk.exe, but now the new virtkiosk.exe child isn’t the parent of procexp.exe (because the parent of procexp.exe is a process that doesn’t exist anymore), so in the tree of virtkiosk.exe we will find only two processes: the first virtkiosk.exe (the new parent), and the second virtkiosk.exe (the new child). We are now able to kill the tree without killing Process Explorer itself. So we will select the virtkiosk.exe parent and then we will press Shift-Del (which is the shortcut for Kill Process Tree).

So almost instantly Process Explorer will kill the two processes (like some viruses could do), and magically the bar at the bottom disappears. Now you can’t return to the normal environment and you lose the data you were working on at that moment (for example open documents, browser pages etc), because you need to do something like a log off (with ctrl-alt-del) or a shutdown, or a reboot etc that will close the Virtual Kiosk environment. We needed to open Virtual Kiosk twice just for practical reasons. If you aren’t quick enough, the problem won’t occur. Instead, viruses could kill both processes in a very small amount of time and so this problem will occur. A good way to resolve the problem is to protect virtkiosk.exe processes from being killed by Sandboxed processes.

Another way to get this working
So, as I said above, the problem is that when we kill a virtkiosk.exe process, the other takes you to the normal environment. And what will happen if we suspend both processes before killing them? Doing that, the process that would take you to the normal environment is “frozen”, and doesn’t do anything. So you have enough time (practically infinite) to terminate both processes, without either of the two processes being able to react. This is a faster way to replicate this behavior, thus it is possible to create a new list of steps to do this:

Steps for the second way
The first 10 steps are the same as in the first way. It isn’t necessary to uncheck “Confirm Kill”, but you can uncheck it if you want.
11) Find one of the two “virtkiosk.exe” processes, then right-click on it, and choose “Suspend”. The process should become gray.
12) Find the second “virtkiosk.exe” process, then suspend it like in Step 11
13) After both processes have been suspended, start killing them. Kill both processes in the order you like the most. If “Confirm Kill” is checked, you have to answer “Yes” each time Process Explorer asks you if you want to kill the selected process.

The second way is faster than the first way, and it should work as well as the first one.

If you have any problem replicating this behaviour, please let me know

Thank you for considering my problem (and excuse me if I needed a lot of time to reply, I was very busy),

RickyDefended
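A detection-side illustration of the behaviour described in the post above, added here as an example (it is not part of the original thread and not Comodo code): it flags a sandboxed process that terminates both virtkiosk.exe processes almost at once, or after suspending them. The event schema, the field names, the `WINDOW` threshold and all PIDs are assumptions constructed for the example.

```python
# Added example: spot the kiosk lock-out pattern in process telemetry.
# Event schema, PIDs and timestamps are constructed for illustration.
from collections import defaultdict

KIOSK_IMAGE = "virtkiosk.exe"
WINDOW = 1.0  # seconds; assumed threshold for "almost instantly"

def find_kiosk_lockout(events):
    """Return (reason, ts, src_pid) for each sandboxed process that takes
    down a second kiosk process before the first one's peer could react."""
    suspended = defaultdict(set)  # src_pid -> kiosk PIDs it has frozen
    killed = defaultdict(list)    # src_pid -> [(ts, kiosk PID)]
    findings = []
    for e in sorted(events, key=lambda e: e["ts"]):
        if not e["src_sandboxed"] or e["dst_image"].lower() != KIOSK_IMAGE:
            continue
        src, dst, ts = e["src_pid"], e["dst_pid"], e["ts"]
        if e["action"] == "suspend":
            suspended[src].add(dst)
        elif e["action"] == "resume":
            suspended[src].discard(dst)
        elif e["action"] == "terminate":
            earlier = [(t, p) for t, p in killed[src] if p != dst]
            killed[src].append((ts, dst))
            frozen = suspended[src]
            if dst in frozen and any(p in frozen for _, p in earlier):
                findings.append(("suspend-then-terminate", ts, src))
            elif any(ts - t <= WINDOW for t, _ in earlier):
                findings.append(("rapid-double-terminate", ts, src))
    return findings

def ev(ts, action, dst_pid, src_pid=4100, sandboxed=True):
    """Build one constructed event; 4100 stands in for a sandboxed tool."""
    return {"ts": ts, "action": action, "src_pid": src_pid,
            "src_sandboxed": sandboxed, "dst_pid": dst_pid,
            "dst_image": "virtkiosk.exe"}

# One kill only: the surviving kiosk process exits and the user gets out.
SINGLE_KILL = [ev(5.0, "terminate", 5004)]
# Parent and child killed 20 ms apart (tree kill): nothing is left to react.
TREE_KILL = [ev(10.00, "terminate", 5000), ev(10.02, "terminate", 5004)]
# Both frozen first, then killed at leisure.
SUSPEND_KILL = [ev(20.0, "suspend", 5000), ev(25.0, "suspend", 5004),
                ev(60.0, "terminate", 5000), ev(90.0, "terminate", 5004)]
# Same timing as TREE_KILL, but the source runs outside the sandbox.
OUTSIDE = [ev(10.00, "terminate", 5000, sandboxed=False),
           ev(10.02, "terminate", 5004, sandboxed=False)]

if __name__ == "__main__":
    for name in ("SINGLE_KILL", "TREE_KILL", "SUSPEND_KILL", "OUTSIDE"):
        print(name, find_kiosk_lockout(globals()[name]))
```

Real telemetry would have to be mapped onto this schema first; the rule deliberately ignores a single kill, since the post reports that the surviving process then returns the user to the normal environment.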

Thank you for checking this. I have added this information to the tracker, re-opened this issue in the tracker, and moved this bug report back to Format Verified.

Thanks again.

The devs have not marked this as Fixed in the tracker. However, sometimes bugs are fixed by the release of new versions, but not marked as Fixed in the tracker.

If you are able please check with the newest version (CIS version 8.0.0.4337) and let me know if this is fixed on your computer with that version.

Thank you.

Hello,

The devs have not marked this as Fixed in the tracker. However, sometimes bugs are fixed by the release of new versions, but not marked as Fixed in the tracker.

If you are able please check with the newest version (CIS version 8.1.0.4426) and let me know if this is fixed on your computer with that version.

Thank you.

Please check with Comodo Internet Security V10.0.0.6071 Beta thanks.