Comodo 5.0.162636.1135 - Defence+ doesn't report all events when sandbox enabled


I just remarked that when the Comodo’s sandbox is enabled there are less pop-up in both cases : when you accept to run a program in sandbox and when you refuse.

So I’m a bit perplex at this, because when I’m testing some “not sure software” and I select “allow” (when I have the choice of “sandbox” / “allow” / “Deny”) Comodo won’t warn me that the program wants to create another file or wants use “malware + heuristic” maneuvers …

But, if I disable the sandbox, Comodo behaves normal and warns me about everything.

So, is there something I should know about the sandbox or should I enable it only when I want to use it, because if I keep it enabled I lose some features or is it a bug.


Windows 7 64-bits
CIS 5.0.162636.1135
Virus database : 3822
Firewall = SAFE MODE
Defense + = SAFE MODE


must signal a change, this only happens when configuration is set to “PROACTIVE” on the “firewall” and “internet security” everything is fine.

Also, virus database = 6157 … i had took a copy paste of my config

What is the alert you get? Can you post a screenshot of it?

Does it ask for unlimited access to your computer?

Ok, made some more tests :

1 - with “Proactive” and “Internet security” if Sandbox enabled, I am asked for unlimited access to the computer and there is no more D+ popup (even if I choose to not Sandbox the program). If Sandbox is disabled with these 2 configs, the normal popups like “is trying to create a new file” … will be asked but I won’t be warned about the “unlimited access”.

But still, if I choose not to sandbox the program (or even if chose to sandbox), I would like to have complete control over every program request that I normally get. Because I like the idea of leaving the sandbox always enabled.

2- With the “firewall security” config, in either case, nothing is altered, I will receive the same D+ with sandbox enabled or disabled … but it won’t ask for unlimited access and won’t offer .

Maybe I hadn’t completely understood how your sandbox affects comodo’s reactions.

Screenshot 1 & 2 = the first case (proactive or IS + sandbox enabled)

screenshot 3-4-5 = second case (firewall)


[attachment deleted by admin]

I never use the Firewall Security configuration so I enabled it.

I would have expected it to behave the same way with disabling the sandbox as with Proactive or Internet Security but it didn’t. With Firewall Security you get the old style alerts regardless of whether the sandbox is enabled or not.