A. THE BUG/ISSUE
- What you did: I test comodo sandbox with the anti-logger test.
- What actually happened or you actually saw: Only the sandbox level,“partially limited”,can not block them.
- What you expected to happen or see: CIS sandbox with “partially limited” can block loggers.
- How you tried to fix it & what happened: None
- If a software compatibility problem have U tried the compatibility fixes (link in format)?: No
- Details & exact version of any software (except CIS) involved (with download link unless malware): Please see screenshots
- Whether you can make the problem happen again, and if so precise steps to make it happen: Yes.
a) open the anti-logger test program
b) it is sandboxed as partially limited
c) check keylog, screenshot, and clipboard logger
d) sandbox can not block them - Any other information (eg your guess regarding the cause, with reasons):
D+ does not block “access the keyboard” and “access the computer monitor” when the sandbox level is “partially limited”
B. FILES APPENDED. (Please zip unless screenshots).
- Screenshots of the Defense plus Active Processes List (Required for all issues):
2. Screenshots illustrating the bug:
keylogger:
screen logger:
clipboard logger:
- Screenshots of related CIS event logs: Not appended.
- A CIS config report or file: Not appended.
- Crash or freeze dump file: Not appended
- Screenshot of More~About page. Can be used instead of typed product and AV database version: Not appended.
C. YOUR SETUP
- CIS version, AV database version & configuration: 5.8.213334.2131,10780, CIS
- a) Have you updated (without uninstall) from a previous version of CIS: No
b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: Yes - a) Have you imported a config from a previous version of CIS: No
b) if so, have U tried a standard config (without losing settings - if not please do)?: Yes - Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): Yes, disable the antivirus
- Defense+, Sandbox, Firewall & AV security levels: D+=Safe, Sandbox=Enabled, Firewall=Safe, AV=Disabled
- OS version, service pack, number of bits, UAC setting, & account type: Windows XP, SP3 32bit, No Uac, Admin
- Other security and utility software currently installed: CIS only
- Other security software previously installed at any time since Windows was last installed*:None
- Virtual machine used (Please do NOT use Virtual box): none