Comodo Firewall 5.4 and Avast 6.0

I have the latest versions of both these programs, and each has its own sandbox. Will these clash, and should I disable one or the other, and if so, which one? Cheers.

Hey and warm welcome

You have to choose which sandbox you want. If you choose CIS then uninstall Avast; otherwise disable the CIS sandbox by right-clicking on the CIS tray icon → Sandbox level → disable. Having two AVs, HIPS, HIPS+behavior blockers or firewalls is not good.

Regards,
Valentin N

Valentin: Can I throw in a question? Will ‘partially limited’ sandboxed programs be able to delete or alter local files to the user currently logged in?

Can it still create havoc to the local files?

Thanks for your prompt reply. I do not have Comodo Antivirus installed, just the firewall component. I have disabled sandbox in the firewall as Avast does not have the option to disable.

I recommend that you use Avira antivirus instead; it has the definite highest detection on the market. That way you can also get rid of the sandbox in avast. (Unless you bought Avast already, of course; that would be a waste.)

I use Comodo’s sandbox. It is vastly superior to Avast 6.0 version. When I tested Avast’s sandbox, it did not run correctly what it sandboxed. Actually it sandboxed a system utility I use that is safe and Comodo allowed with no problems.

Then there are all the options you have with Comodo’s sandbox such as the run once capability with the option to set trust level.

You don’t uninstall Avast’s sandbox. All you need to do is open up the sandbox settings and uncheck the option for it to run.

avast does have this option. File Shield expert settings.
But if you want to choose, D+ has a more restricted autosandbox policy, i.e., will autosandbox everything unknown. avast will only autosandbox based on signatures/rules/analysis.


Of course, the program is sandboxed… real system is completely isolated and only programs already installed would work in this scenario.

What do you mean? Was it autosandboxed by avast? You can set avast to “Ask” what is and what will not be autosandboxed.

Normally they shouldn’t be able to change anything; these programs are in a virtual environment, which means that changes made by that application shouldn’t affect the system. They may access some part of the system files but registry changes are not allowed.

Here is Comodo’s explanation:

The application is allowed to access all the Operating system files and resources like clipboard. Modification of protected files/registry keys is not allowed. Privileged operations like loading drivers or debugging other applications are also not allowed.

I advise you to read this if you wish to obtain more knowledge.

What do you mean? Was it autosandboxed by avast? You can set avast to “Ask” what is and what will not be autosandboxed.

Correct. Avast did ask me if I wanted to run the application in the sandbox.

If I had to rate both sandboxes on a scale of 1 to 10, I would give Avast’s a 3 and Comodo’s a 9. Avast’s sandbox has minimal features.

Do you know the difference between full sandboxing (on demand) and autosandboxing (on access)?
Do you know how avast works?
Otherwise you’ll be comparing apples (signature/rule based) with oranges (all non whitelisted files).

Otherwise you’ll be comparing apples (signature/rule based) with oranges (all non whitelisted files).

I assumed Comodo’s auto sandboxing had both capabilities? I thought if Defense+ heuristics detected malicious activity it would auto sandbox it regardless of signature?

When an executable is first run it passes through the following CIS security inspections:

Antivirus scan

Defense+ Heuristic check

Buffer Overflow check

If the processes above determine that the file is malware then the user is alerted and the file is quarantined or deleted.

/Src: Unknown Files: The Sand-boxing and Scanning Processes