[Reopen] BSOD of AIS Sandbox

I’ve uninstalled CTM 175 beta by the console because I had two BSODs with the same CTM driver CTMFLT.SYS.
I suspect it could be related to avast Sandbox. It was the only change in my system in the last 2-3 days.
I was working with Firefox sandboxed.
Can you, please, test?
I do not have the memory dump (as you already know that CTM blocks it).

Error message:
A driver has overrun a stack-based buffer
CTMFLT.SYS
0x000000F7 (0x8D19BBC3 0x83A59125 0x7C5AGEDA 0X00000000)

Thanks.

I have to say that I’m impressed by the way you stick with testing out CTM.

To slightly misquote Rudyard Kipling, “You’re a braver man than I am, Gunga Din” ;D

Did you try blue screen view http://www.nirsoft.net/utils/blue_screen_view.html
and can you give us a report of your drivers,use your preferred tool or use hijack hunter:
http://www.novirusthanks.org/products/hijack-hunter/

When the Windows is handling the blue screen dump, drivers are not loaded. CTM drivers can’t be loaded and the disk is protected to modifications to save the snapshots integrity. I don’t have a dump to be analyzed.

It’s not a matter of malware, but driver conflict.

I believe in software development.
I believe in freewares.

pk, is there anything you could help me?

Quote from: superhacker on Yesterday at 07:42:11 PM and can you give us a report of your drivers,use your preferred tool or use hijack hunter: http://www.novirusthanks.org/products/hijack-hunter/ It's not a matter of malware, but driver conflict.
I know you are malware free but i want to know what drivers you have so may i can determine the buggy driver

I’ll take a look. Thanks.

I wish I get some kind of help here from the programmers. I’m quite suspicious it is related to avast sandbox also.

Well, now is the avast sandbox driver which is BSODing.

I’ve got a BSOD:
aswSnx.sys 0x00000050 (0xE507B374, 0x00000000, 0x8B911512, 0x00000000)
PAGE_FAULT_IN_NONPAGED_AREA

Can you test the beta version of the CTM?
The BSOD I’ve got when I was trying to upload a file (picture) in the avast forums.

Could you get in contact with Doskey (the product manager of Comodo Time Machine)?
Here is the thread it was being discussed https://forums.comodo.com/bug-reports-ctm/ctmfltsys-bsods-0x000000f7-with-175-beta-t58907.0.html;msg414025#msg414025

Tech, thanks for your feedback.
Without dump, it’s very hard (and mostly impossible) to figure out what exactly went wrong - you know only type of BSOD from those four numbers… The only way is to install CTM beta and monitor BSODs in our debugger…

Can you do that for me, please?
The error occurred in the sandbox driver when I’ve tried to upload a screenshot to avast forum.

CTM prevents the dump file to be saved and its developers said it is impossible to have their drive ON while Windows is crashed and the dump is being saved.

Tech… alright, what’s your OS? Win7 x86?

Win7 Pro 32 bits
Thanks for the support.

Installed the latest CTM (build 175), but I wasn’t able to start the program after reboot… see screenshot, I’ll wait for the next build.

tested on: multi-boot system, Win7 32-bit

Will it help if you get remote access to my system?

Right now I’ve disabled avast sandbox to avoid BSODing.

The error you’re seeing seems to be related to multi boot systems.
You need to install in all running operational system.
The console (the "critical subsystem) is only installed after all operational system has CTM.
You need to choose the proper options while installing.

pk, did you make any specific change into the sandbox to correct this error?
Comodo said it was a problem in their side and will be corrected in the next CTM version (https://forums.comodo.com/bug-reports-ctm/ctmfltsys-bsods-0x000000f7-with-175-beta-t58907.0.html;msg427463#msg427463)
But they don’t release a new version and the problems disappears with avast 5.0.668 beta.

So, did you correct this error?

You said I need to install CTM in all installed OSes. Since my PC has about 10 different OS configurations, I tested CTM only under VMWare.

Thanks.
Seems that changes in the beta changed the behavior (conflicting)… Who knows…
I’ll post elsewhere the problems I’m facing sandboxing Firefox.

No. It’s not. My computer BSODed again.
aswSnx.sys
0x00000050 (0xCAADC70C, 0x00000000, 0x8BAD052A, 0x00000000).
Seems I need to wait for the next CTM version (middle of September) to test avast sandbox again.

please send me your aswSnx.sys driver, I’ll follow the numbers to find the location…
do you have GMER on your computer? please run it (or download here: http://www.gmer.net/#files), go to Modules tab, find aswSnx.sys and copy&paste its memory address, thanks

Seems I need to wait for the next CTM version (middle of September) to test avast sandbox again.
how come? ;)
please send me your aswSnx.sys driver, I'll follow the numbers to find the location... do you have GMER on your computer? please run it (or download here: http://www.gmer.net/#files), go to Modules tab, find aswSnx.sys and copy&paste its memory address, thanks
pk, I'll be traveling 5 days and will have very little connection. I'll send it to you but, you know, it will be difficult to continue testing these days. Sorry.