Can you reproduce the problem & if so how reliably?:
Yes. On every instance of running Trojan.Shutdowner in Sandbox system will shutdown/cis.exe crashes.
If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1: Right click on Shutdowner zipped file and select Run in COMODO Sandbox in Context Menu
2: File sent to Sandbox and extracted, then run executable in Sandbox
3: System immediately restarts/cis.exe crashes
One or two sentences explaining what actually happened:
I downloaded a Shutdowner file to the desktop. I right-clicked on the zipped folder and selected “Run in COMODO Sandbox” from Context Menu. The zipped folder was extracted within the Sandbox (green border). I then right-clicked on the executable file and selected Open. The Shutdowner proceeded to open a command window, immediately the sandbox and cis.exe crashed, and then forced system restart.
I would expect that a more aggressive Shutdowner may attempt to infect, corrupt, overwrite, and/or delete files.
One or two sentences explaining what you expected to happen:
I expected that an executable run inside the Sandbox would not be able to shut down the system. In other words, I would expect CIS 8 to protect itself, and the system, against any unauthorized system shutdown - especially one from within the Sandbox or Virtual Kiosk.
If a software compatibility problem have you tried the advice to make programs work with CIS?:
Any software except CIS/OS involved? If so - name, & exact version:
Any other information, eg your guess at the cause, how you tried to fix it etc:
B. YOUR SETUP
Exact CIS version & configuration:
184.108.40.20691, Internet Security configuration
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
AV, Viruscope, Firewall - enabled HIPS, Auto-Sandbox - disabled
Have you made any other changes to the default config? (egs here.):
Enhanced Protection (for x86-64 systems) - enabled
Scan computer memory at startup - enabled
Have you updated (without uninstall) from CIS 5 or CIS6?:
if so, have you tried a a a clean reinstall - if not please do?:
Have you imported a config from a previous version of CIS:
if so, have you tried a standard config - if not please do:
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Windows 8.1 x86-64 OEM, UAC “Alert me when make changes to system,” Administrator privileges, No virtual machine used
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a= Windows Defender - disabled b= Windows Firewall - disabled
[attachment deleted by admin]