Sandbox

khanyash · March 10, 2015, 11:19am

I use CIS with no AV & CIS set to Internet Security with default settings.

I tried trojansimulator.exe from testmypcsecurity.
It was sandboxed & trojansimulator mentioned installed.
I reset the sandbox & ran trojansimulator & it mentioned not installed.
So reset sandbox reverted trojan install - This is the way sandbox works & correct.

I tried deletevolume.exe from testmypcsecurity.
It was sandboxed & E drive was deleted.
I reset the sandbox & E drive still didn’t appear.
I manually went to storage management & asssign the letter for E drive.

Though one can manually assign the letter, CIS sandbox doesn’t protect against the deleting of drive?

SanyaIV · March 10, 2015, 11:28am

Try doing the same test again but this time do the reset and reboot, still not back to normal?

khanyash · March 10, 2015, 12:28pm

I think, had restarted the system.

Currently CIS is not installed.
Can anyone do this? Its a simple harmless file & doesn’t take much time to test.
Win 7 64

SanyaIV · March 10, 2015, 6:02pm

I tried to run the application in question in the sandbox but was unable to do so, unable to run it on my system.

Please test it again when you have the posibility, both with the auto-sandbox and by manually right-clicking and choosing to run in COMODO Sandbox, also make sure to reboot after the sandbox has been reset. If the issue still persists please create a bug report.

khanyash · March 10, 2015, 6:39pm

What do you mean by “unable to do so”?
If you mean nothing appeared, this is how it is.

You just have to double click it & check if all your drives are there.

SanyaIV · March 10, 2015, 6:59pm

Crashes with an error.

khanyash · March 10, 2015, 7:31pm

Are you using Delete Volume from testmypcsecurity?

Are you running Internet Security Config with Default Settings?

Mine is Win 7 64
Whats your OS?

SanyaIV · March 10, 2015, 8:26pm

Yes I am using Delete Volume from testmypcsecurity, I’m using Proactive Security (highly customized) however I launched it by right-clicking and clicking “Run in COMODO Sandbox”

Using Windows 10 Technical Preview Build 9926 64bit

Also tried running outside of sandbox with HIPS disabled and CloudAV disabled, still the same error, just won’t run on my system so I can’t be helpful in replicating (probably because of Windows 10)

khanyash · March 10, 2015, 8:41pm

Yes, I think its crashing coz of Win 10, not compatible may be.

khanyash · March 11, 2015, 6:25am

OK, I checked & the drives were deleted.
So is the drive deletion not protected by CIS sandbox?

SanyaIV · March 11, 2015, 7:21am

It should be, applications inside the Fully Virtualized Sandbox should not be able to change things on the real system.

Please create a bug report for this issue.