I have encountered a weird error. After reinstalling my XPx64 and latest CIS, I don’t have ANY way to configure sandbox. The advanced settings window just does not have “sandbox” anymore, nor have I found its settings anywhere else ???
I even reinstalled windows again and installed CIS first. Same result.
Couldn’t find a similar report on the net either, so I’m posting here…
Btw, is there a reg entry to turn sandbox off completely, or any other options? I really don’t like the auto-sandboxing at all… With it turn on, I had to restart some installations 5-10 times, cause it keeps sandboxing new files…
Hi HackAR,
Under ‘Defense+’ in the ‘Advanced Settings’, are you missing both the Behaviour Blocker and Sandbox?(Screenshot)
If yes, it sounds like you have encountered the bug in the topic below effecting XP 64-bit. Behavior blocker menu missing in Advanced Setting
I’ve found a switch in registry to turn off sandbox service. Found a level entry for sandboxing in registry, changed it 5->0. It turned off Defence+ completely (WOW what a speed!). Plus it made CIS report problem with Defence+ which it could not fix. So I changed it back…
so…
A
see previous post
Yes i can reproduce the problem 100% (see previous post)
just installed windows + CIS
should be obvious…
5/6. no other software involved, clean OS
using a modified version of XPx64 (nLite) I don’t know how it could effect displaying tab for settings, but Ill try an unchanged installation in a VBox today.
attaching Diag and screenshot …
B
Exact CIS version & configuration
CIS 6.3.297838.2953 configuration does not matter.
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV
Deactivated “Do not show alerts” and “GeekBuddy” during installation. All default after installation.
Have U made any other changes to the default config?
After encountering the problem
Have U updated (without uninstall) from a CIS 5?
No
Have U imported a config from a previous version of CIS?
No
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine
XPx64 SP2 (UAC? =D) Admin account, real PC (named VMLOG though)
Other security/s’box software a) currently installed b) installed since OS
No/No
If everything else fails you can disable the sandbox by following this:
Backup the registry.
Open regedit.exe
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro\Configurations
Identify your configuration file, by default 0 is Internet Security, 1 is Proactive Security and 2 is Firewall Security, you can identify which is which my clicking one of the numbers and looking for the key “Name” to the right.
Now navigate to X\HIPS\SBSettings where X is the number of your active configuration file.
Find “SBMode” in the list to the right.
[li]Change its value to exactly “11773” without the quotation-marks, this should disable the auto-sandbox, if you ever want to enable it again then change the value to “1177b”
[/li]
Under the Auto-Sandbox section you should be able to click where it says Partially Limited. This will show the drop-down menu, of which one of the options is disabled.
Thanks, I’ll try it, but my current Value is “1057b”…
[edit] 11773 seems to work. Many thanks. the missing bits on my value must be related to some other settings…
In that case, if you want to revert then I’d recommend to use the value you had as default, I have a lot of different settings myself and those numbers were for my setup, it’s possible that each number in the value could correspond to a setting and the last being a “3” decides to disable the sandbox and having it set to “b” enables it. shrugs I don’t really know, which is why registry backups are always a good idea.
While “The sandbox in CIS doesnt not support windows xp 64 bit”, it’s still active and auto-sandbox lots of programs like installers and sub programs of the installers. This results in incomplete installations, many reinstalls (basically once per “do not isolate again” click). In case of driver installs, this can result in a broken system, also.
Edit: I welcome that you allow a program to run on an “unsupported” OS. But you should allow us to adjust some settings, or at least let us deactivate the program.
No, I have not.
But I don’t see the point of your question anyway, sorry. Sometimes I have to install unsigned drivers. And you can’t expect the integrated list to include all software I’d like to install. Most of them do not use signed installers.
It would be nice to be able to disable auto-sandboxing on unsupported OS (Win Xp x64).
I really like CIS, but the problems with auto-sandboxing sometimes lead to very nasty outcomes, easpecailly when installing software containing unsigned drivers.