Secure Shopping disrupts Sandboxied programs

A. THE BUG/ISSUE
Can you reproduce the problem & if so how reliably?:
Always.
If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1: Start inside the Sandboxie any application (for example IE or Dragon browser) that connects to internet to a https (443) port.
2: Quit the application or stop with Sandboxie’s “Terminate Programs” or “Delete Contents”.
One or two sentences explaining what actually happened:
The Sandboxied application looks like it has been terminated (GUI was closed) but in the background the application processes are still active and can not be broken even with KillSwitch.
One or two sentences explaining what you expected to happen:
Sandboxied applications should be stopped immediately.
If a software compatibility problem have you tried the advice to make programs work with CIS?:
Yes.
Any software except CIS/OS involved? If so - name, & exact version:
Sandboxie 5.16 x64
Any other information, eg your guess at the cause, how you tried to fix it etc:

  • CIS Settings->Secure Shopping->Enable Secure Shopping Protection: OFF - did not help.
  • Uninstalling the Secure Shopping fixes the issue.

B. YOUR SETUP
Exact CIS version & configuration:
CIS Premium 10.0.0.6092
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
Default configuration: COMODO - Internet Security.
Have you made any other changes to the default config? (egs here.):
Sandboxie executables added to exclusions in AV/HIPS/Detect-shellcode-injections modules and Auto-Sandbox rule as Ignore.
Have you updated (without uninstall) from CIS 5, 6 or 7?:
No.
Have you imported a config from a previous version of CIS:
No.
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Windows 7 SP1 build 7601 x64, UAC: default, account type: administrator, V.Machine: VMware Workstation 12 Pro 12.5.2 build-4638234
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=Sandboxie 5.16 x64 b=none

Try the following:
Sandboxie → Sandbox settings → Resource access → File Access → Blocked access → Add:
%SystemRoot%\System32\cssguard64.dll

Is it better?

Big thanks for the suggestion :slight_smile: Works.
Unfortunately, did not help at the beginning, but after a few experiments all ok:

  • In addition to file cssguard64.dll, also I added cssguard32.dll
  • I noticed that these files are in different locations (%SystemRoot%\System32, %SystemRoot%\SysWOW64 and \Program Files (x86)\COMODO\COMODO Secure Shopping), so I expanded the scope paths with ‘*’
  • For more compatibility with multiple sandboxes I added the modification directly to the config file in [GlobalSettings] group.

So finally added lines looks like this:
[GlobalSettings] ClosedFilePath=*\cssguard64.dll ClosedFilePath=*\cssguard32.dll

Great. Not really a bug but more of configuration issue between products. Glad it worked.

Does this also stop the BSOD for your other bug? https://forums.comodo.com/format-verified-issue-reports-cis/cis10-with-secure-shopping-opera-inside-sandboxie-bsod-m2135-t117573.0.html

Yes, it helped. I added a post in that thread.