About virtualization and sandbox

For the automatic sandbox feature in CIS to work there is no need for full virtualization.
For me it would be just fine to make CIS log every action made by a unknown automatically sandbox app.
Then in case it is malware, CIS could remit to the logs and erase every action the app has done.
Just the way like Defensewall works.
It would lessen the incompabilities generated by fully virtualizing an app, but keep the user safe.
Because right now the problem with the auto-sandbox is that malicious files are left around, even if they do not harm the system.

That’s an interesting idea. :-TU

Let’s hope and wish Comodo would implement such a thing. O0

Let's hope and wish Comodo would implement such a thing
Right off the top of my head, I don't see anything wrong with that idea, so

+1 (:CLP)