I’m not sure if this question belongs in the AV question part of the forum, but I put it in here because I didn’t download the antivirus. My question is, I’ve submitted a file for review to see if it is safe to Comodo. When Comodo checks it out, do they take it out of the sandbox if they deem it safe or do you have to take it out yourself?
Yes, before it is run it will be checked to see if it’s in the safe list. Therefore as long as you didn’t tell the sandbox to always sandbox it should be fine.
Well, I didn’t tell it to be sandboxed. Comodo ended up sandboxing it on its own.
Then when it’s added to the whitelist the next time the program goes to run it will be recognized as safe and allowed to run outside of the sandbox.
so even if I have the sandbox set to block unknown files, if it is deemed safe, it will be allowed to run on my computer if Comodo put it there on its own?
When you tell it to block unknown files these unknown files are those that you have not manually added to the safe list or those that have not been added to Comodo’s safe list.
Therefore if Comodo analyzes the file and adds it to their whitelist the file will then be trusted on your computer as well. Therefore the file is no longer unknown.
well the thing is, when the file was trusted by Comodo, it was allowed to install on my computer, but it remained in the sandbox, so I just removed it since it already installed on my computer. Does this mean that I have to always get rid of files myself even if they are trusted if they are not removed by the sandbox?