Virtualizing portable version (ThinApp) of 'Firefox v45' does not work [M1784]

A. THE BUG/ISSUE (Varies from issue to issue)

Can you reproduce the problem & if so how reliably?:
Yes. Every time.

If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1: Get portable application : http://heaven.hostoi.com/Firefox.7z
Mirror : Microsoft OneDrive - Access files anywhere. Create docs with free Office Online.
2: Launch ‘firefox.exe’
3: Launch ‘firefox.exe’ as fully virtualized (right-click > run in sandbox)

One or two sentences explaining what actually happened:
You will notice that Firefox does not launch due to 0xc0000005 error (referring to both non-virtualized & virtualized envirnoment).

One or two sentences explaining what you expected to happen:
The portable application should start & run normally.

If a software compatibility problem have you tried the advice to make programs work with CIS?:
N/A
Any software except CIS/OS involved? If so - name, & exact version:
Portable version of Firefox created with ThinApp : Virtual Applications | Virtual Apps | ThinApp | VMware
Any other information, eg your guess at the cause, how you tried to fix it etc:
1: Apparently, you cannot virtualize the application probably due to ‘cmdvrt64.dll’.
2: Without certain modifications to configuration, mentioned application will not work (while not being virtualized; non-virtualized environment). Work-around is presented here:
https://forums.comodo.com/bug-reports-cis/virtualizing-portable-version-of-firefox-created-with-thinapp-does-not-work-t115304.0.html;msg833458#msg833458

B. YOUR SETUP
Exact CIS version & configuration:
CIS 8.2.0.5005, Configuration : Internet Security
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
Default
Have you made any other changes to the default config? (egs here.):
No.
Have you updated (without uninstall) from CIS 5, 6 or 7?:
No.
if so, have you tried a a a clean reinstall - if not please do?:
Yes.
Have you imported a config from a previous version of CIS:
No.
if so, have you tried a standard config - if not please do:
N/A
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Real system: Windows 7 Ultimate, SP1, x64, UAC = standard, Administrator
Virtual machine : Vmware
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
None.

[attachment deleted by admin]

Please provide a direct link to mentioned application.

Thanks.

With pleasure if you guys can solve my problem.

http://heaven.hostoi.com/Firefox.7z

That’s interesting. It seems that a certain portable version of Firefox is affected. The one provided by PortableApps is not affected.

Where did you get that version (officially) if I may ask?
Thank you.

A friend of mine portable’d it via Thinapp. I think he uses the latest version, which supposedly would be 5.2.1.
Any clues on what might cause this or any ideas for a fix/workaround?

It seems to be caused by cmdvrt64.dll. As a work-around, add ignore rule in Auto-Sandbox for mentioned application (‘firefox.exe’).

Hope it helps.

Why the heck are you working on Sunday? Anyways, a big thanks for your help!

First to verify I understand your fix: Under Security Settings → Defence+ → Sandbox → Auto-Sandbox I should add an “Action = Ignore” rule for the firefox.exe application? Well I tried that and it didn’t help, the application still doesn’t even get that far as to create the portable Firefox folder next to firefox.exe.

What makes you think cmdvrt64.dll is the cause of this problem? Did this fix the problem for you? As mentioned above I tried before to disable the Auto-Sandbox module or even CIS altogether, but it didn’t change anything.

Any other ideas?

I’m a volunteer.
The wok-around is OK on my system. Additionally, try to set rating of ‘firefox.exe’ to trusted in File List & Reset Sandbox. Any effect?

I created a dump file of ‘firefox.exe’ while experiencing the issue and checked it summarily.

[attachment deleted by admin]

You sure are a motivated volunteer!

Just to make sure again: In Security Settings → File Rating Settings → File List I changed firefox.exe from Unrecognized to Trusted. Afterwards I reset the Comodo Sandbox multiple times and also rebooted the PC, again with no luck.

From your screenshot I can see that the application launches and creates its Firefox working folder. There seems to be anonther issue, but at least it gets as far as to tell you that. Now what is the difference between our systems? What do you have installed and I don’t or vice versa that makes it work for you and not for me? Strange enough in an completely clean VMWare Player session I also installed CIS and firefox.exe behaved the same way, it didn’t even open …

It might vary with operating system.

1. Add ignore rule in Auto-Sandbox.
2. Change rating to trusted in File List.
3. Add exclusion at HIPS Settings ~ shellcode injections.
   Should work now.

Ohmigosh, it’s finally working! The tip with adding the portable application as an exception to the HIPS shellcode injection list did the trick!
Now it all comes together: No matter where I tried, by default shellcode injection gets blocked by Comodo. The strange thing is why it still was blocked when HIPS was disabled or when Comodo was shut down …

Anyway, thank you so much for your help and patience, qmarius!
As for the Comodo Team I would like to thank you for CIS, keep up the good work with this awesome application and also make sure to keep around the motivated volunteers!

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again.

Hi,

Could you maybe check with a newer version of (ThinApp) Firefox? They suspect that it’s a Firefox issue.

Thank you.

Hey there qmarius,

Happy to see you folks still try to squash this bug.

I am certain it is not a Firefox bug, as I had this problem with various versions of 64bit Firefox and other portable 64bit applications. It also tried various 5.x versions of ThinApp and Comodo always had the same issues with the portable 64bit applications, blocking their execution.

Could you check with <10.0.0.5144> beta version & Firefox version 47 or newer?

Thanks.

I see what I can do but I won’t promise anything as it is quite inconvenient for me to set up your scenario.

I’m afraid that processing will not continue until you check it. Please keep me updated.
Do note that you could check it when stable version is released but it is recommended to check it sooner (against beta build, for example).

Thank you.

Just made a “hello world” application with ThinApp and had no issues against beta version. After that, I have tested it with Opera browser and had no issues. It’s a Firefox issue. Not CIS.
Moving to “Resolved” section.