0. I run an app that is unknown in either as Partially Limited or Full virtualized sandbox and got a BSOD.
1.Look the attachments for reports
2.COMODO Firewall 7.0.308911.4080
3.Windows 7 Service Pack 1 32-bit Home Premium. I am using VM.
4.Firewall mode, only change is Partially Limeted closed and Fully Virtualized opened.
i)I have a an executable file. I run it. CFW did not show any alert.
ii)then a window opened. after a second BSOD happened.
9. I expect, FV sandbox should block it, but BSOD happened.
a video that shows the BSOD settings above and here is the video : Zippyshare.com - [now defunct] Free File Hosting
[attachment deleted by admin]
-The file in the un-recognized files. I clicked it and it runs without sandbox. I right-clicked on and “Run in sandbox” then nothing happened.
Direct click make BSOD happen.
-Also I cannot remove the file on un-recognized files list, it is continiously refreshing.
This BSOD is also happened in partially limited sandbox setting.
Thank you very much for reporting this. If possible please make sure your computer is set to create full memory dumps in case of BSOD. Then, rerun this so it creates a full dump. Then upload the dump to a file sharing site, such as this one and paste the download link in your reply.
I cannot replicate this on my system. CIS is set to Proactive Security, and the BB is set to FV. I tested this both with file rating enabled and disabled. I also tried enabling and disabling the AV. I did not yet try altering the configuration of CIS.
My system is Windows 7 x64. As you are experiencing this on a system which is running Windows 7 x32, perhaps this is an issue specific to 32 bit systems. If you are able to replicate this please do create the complete memory dump. That will contain enough information for them to understand what was happening, and thus to fix this.
Thank you and let me know if you have any questions.
My VM has not got enough place for Complete Report and Kernel Report but minidump files. I have only minidump file but this one is useless for you I know. Sorry for this Chiron.
I edit my post and I add a screenshot and a video.
That’s okay. If anyone else is willing to try this, and will be able to provide a kernel of Complete dump file, I can provide you with the sample. Feel free to ask either in this report or via PM.
You can try a VM with above settings. These are all I have Chiron, thanks for your guidance.
Tried it 2 times but did not get any BSOD, hopefully someone else can bring a full dump…Maybe I should ask the guy on Malwaretips.
If anyone can replicate it I will need a Complete Dump. The devs have informed me that even a kernel dump does not contain enough information. Instructions on how to configure your computer to create a complete dump for Windows 7 can be found here.
Please, if anyone can replicate it respond to this topic with a download link for either a Complete Dump (preferable) or a kernel dump (which may or may not have enough information). Without the dump I will not be able to forward this to format verified and will instead have to move it to the non-format section.
If anyone can provide the requested dump file I would really appreciate it.
Okay, as it seems that nobody is currently able to replicate this in an environment where a kernel or Complete dump can be created I will move this report to the non-format verified section. Be aware that reports in that section will not be looked at by the devs. Thus, it is unlikely that this issue, if it still exists, will be fixed unless a formatted post can be produced. Therefore, if you can produce a kernel or Complete Dump I will forward this back to the devs immediately.
Let me know if you have any questions.
CIS version 7.0.313494.4115 Final has just been released. Therefore, if the issue still occurs please create a new bug report for it in this section of the forum. The required format is provided in this post. Just copy and paste the code. Then replace the question marks with your responses.
I’m sorry, but as the most recent release is no longer in Beta the Beta bug reporting format can no longer be used. I will therefore move this report to Resolved. If the issue still occurs please do create a new bug report.
If you have any questions please feel free to ask.