Add Option To "Terminate Processes Running In The Sandbox" [M1274]

1. What actually happened or you saw:
Currently CIS only has an option to “reset sandbox”. This will kill all processes and delete all data. If the user is running the Virual Desktop they can also Exit the desktop and restart it and all sandboxed processes will have been killed. However, for those applications which are automatically sandboxed as Fully Virtualized, there is currently no way to kill these without either resetting the sandbox or restarting the entire computer.

2. What you wanted to happen or see:
I would like to see an option to just terminate all running programs in sandbox, rather than reset everything.

3. Why you think it is desirable:
I want to use the sandbox and retain data there, so an option to just terminate all programs in the sandbox is what I think is a good idea. It would benefit many users as it would also allow users to quickly select that button, for example just before performing sensitive surfing, to make absolutely sure that there are no dangerous processes running.

This is an interesting wish. However, allow me to play devil’s advocate. Shutting down the Virtual Desktop automatically kills all processes, and then prevents them from starting when it is restarted. Thus, in a way this is already accomplished by closing and restarting the sandbox, without having to Reset the sandbox.

I agree it should work as you say and I think as you say is the intended behaviour.
However it doesn’t always close the process as intended for some reason, maybe a bug? :-
Just tested the following example:
Win 8.1 64-bit.

  1. Open VD.
  2. Open CCleaner within VD.
  3. Close VD without closing CCleaner.
  4. Check Windows task manager and note CCleaner is still active.
  5. Re-open VD and CCleaner opens automatically.
captainsticks, does KillSwitch show that Ccleaner is running as Fully Virtualized? If so, and also I suppose if not, I believe this is a bug. I was nearly certain that the intended behavior is that closing it closes all running processes.

I don’t use the Virtual Desktop, I mean running programs sandboxed as “Fully Virtualized” or when right clicking a browser and running it in the sandbox.

Thanks. I just edited the first post. Does everything look correct?

Yes, everything looks good. :-TU

Yes it does show ‘FV’, I will try to create a bug report in the tracker over the next day or so.
Please PM if you need to discuss this further, thanks.

Netguy101 apologies for being off topic, I realise now that your wish is using a different scenario than I originally thought.

Very good idea :slight_smile:

I’ve voted “Yes”.
It’s actually just a part of one of my under-the-hood ideas.

However, I have an interesting question. Where do you foresee this option?

In the Sandbox tasks area, there is an extra space. Maybe Comodo can put the option there?

I love this idea, so voted Yes, I sometimes have issues with games that use launchers. They are always updating the launcher and then Comodo flags it again to sandbox cause I have it Untrusted, then i need to completely close the app and re-run. CIS is awesome and any little tweaks you could add would be much appreciated.

I forgot to mention that your idea is indirectly limited by design (currently). The suggested action will affect only “Fully Virtualized” applications.


In the next version of CIS, all unknown applications will be Fully Virtualized so I think this will be useful.

