Ok, i don’t know, either i’m stupid or sandbox doesn’t seem to work anymore in last 2 beta builds.
Have tested it against MDL and not a single thing got sandboxed. I also haven’t got a single popup from CIS.
Nothing counted under unrecognized files either. From my past experience, all the files should be noted under those features. But nothing is. What’s up with that? Was there any significant change of this part or something? It also doesn’t seem to entirely block malware either. It used to perfectly block pretty much any fake AV, but now one installed and was there after reboot. Not active but i could execute it again and it would launch again easily. I think something is seriously broken here…
I’m running MS VirtualPC 2007 SP1 with WindowsXP SP3 using CIS5 build 1120.
I can guess that it doesn’t work properly in your virtual machine.
I tested it on my real working machine against about 15 files in last 2 days on default settings and all files were sandboxed so good that after restart i scanned my system with MBAM and Hitman PRo and couldn’t find any traces. It was absolutely clean. And even the fact that files still sat in unrecognized files section and treated as partially limited they could not harm my PC. I saw in D+ log that all harmful activity was blocked
Well this isn’t VirtualBox that is known to have problems with CIS, yes, i’m using default settings and yes, it used to work just fine in the exactly same VirtualPC image. I have it archived so i can always instantly restore the exact image. 3 builds back it was working fine. But 1120 and one before it, nada. CIS just doesn’t do anything. At all. I find it even more weird considering i seem to be the only one complaining over this.
Is VirtualPC now also affected by CIS just like VirtualBox is?
I am using VM player for virtual environment and have had no problems with the sandbox.
I know you are very knowledgeable and that you must have tried all of these suggestions already. But, if somebody else (that may not be as experienced) has a similar problem, I have listed the following steps for them to follow. So, if someone has a similar problem, try these and report back your findings… it may help us figure out if there is a problem in Virtual PC or CIS.
Make sure you have the latest version of CIS beta.
Make sure defense + and sandbox are both enabled.
Run diagnostics. Perhaps it will find something wrong with your current installation.
Try to manually sandbox an application and see what happens.
Make sure you do a fresh install of CIS Beta (i.e. do not install CIS Beta over the old version or via updater in CIS interface).
If you did a fresh install the 1st time, try to re-install CIS Beta (something corrupted in 1st install?)
What kind of ■■■■■■ coding is this then!? I have NEVER encountered a single program that would fail to operate under any kind of virtual machine. I’d really like to hear some clarification from egeman.
It’s even more strange that this changed during beta testing of the same version, just a different build.
Hey, CIS is not a software FOR VM, it’s protection software for real machines.It’s not required to work under VM.
If work-OK, if not-sorry.The most important thing is to work fine in real environment.
True? after the release of this RC I have done a question to egeman if the problem with vectors(which is the problem in using CIS with virtual box) is still in this version have he have said that the problem is still there. He have not enumerated other vm software. So I share the same opinion as rejzor
“That’s just a lame excuse. How come not a single program from ANY other vendor has problems with ANY kind of VM ?”
Well who cares what’s real and what’s not. Other security programs don’t care and work in both. Just CIS has to be something super extra special. If it can’t run in virtual environment, i have lots of doubts about being capable of running properly on real systems as well…
khm, if vm does not have enough API to simulate “real” environment that is certainly not problem of CIS on the contrary it means CIS covers/working with much more API than any other program you tested IMO
It’s actually funny how you all treat me as flamer and god knows what else, but i’m just being realistic.
If i have red eyes all the time and 9 other ppl don’t, this means there’s something wrong with me and not with other 9 guys. In CIS’s case, if all other programs tested to date (and i’ve tested loads of them from HIPS, behavior analyzers to classic AV’s down to registry editors, cleaners, defragmenters tweaks etc etc) in VM and none has ever had any kind of problems with VM, i can only conclude that there is something badly wrong with CIS or the way how it’s coded. Period.
And if you all look at me now as some annoying ***** complaining on your beloved forum, this is beta section the last time i checked. Now, tell me, how will you test CIS properly if it doesn’t work in VM ?
Are you going to run live malware on your real system for the sake of testing? Because i always beta test programs with actual live malware and i’m not that stupid to do it on my main system.
It’s how i tested avast!, it’s how i tested BitDefender, it’s how i tested Kaspersky and 50 other security programs. Comodo was also tested this way. Up until now. Don’t tell me you all have a spare system dedicated only for beta testing…
I also hate poor communication between testers and programmers. They only mentioned VirtualBox. No one ever mentioned VirtualPC. I’ve complained over this twice so far, one complaint over non functional sandbox few days ago in the CIS XXXX RC released thread and now here. No one cared, programmers the least. I said “sandbox doesn’t seem to work”. It’s like i was a car tester and would say that care engine doesn’t seem to work and no one would care. It’s the core element that HAS to work and someone should be interested in why is so. But no one did. You’ve just taken the “it doesn’t work in VM” for granted. I just can’t accept that without any solid explanation why CIS as the only program has this idiotic limitation. Because if they continue insisting to code it this way you can kiss goodbye any proper testing in the future.
Now EricJH, prove me me the part “you know that its not true”. Is it? Or is it not? Based on what can i know that this isn’t true? Because i cannot think of a single thing…
every other program works fine in vm.