Does Comodo AV detect files running inside its sandbox?

Hi can anyone using CIS 6.2 verify this for me.

(1) If I run Firefox or IE sandboxed (right click - run in sandbox), does Comodo scan the files which I download or execute. I tried the EICAR test file and CIS did not detect it, it just blocked access.

(2) If I download the EICAR file from Firefox (normal mode without sandboxed), the file is only detected when I execute it not upon download.

Note I am using CIS with default setting on XP.

Kind regards

This, is probably normal due to the file already being sand-boxed which the file cannot do any harm to the system. If you download the test file without sandbox and it is detected then everything should be working fine. :a0 :azn:

It will be blocked silently when running in the sandbox. That’s how it is meant to work.

Hi thanks for your reply, but the number of detected threats in the UI did not show any increase ,that’s why I was wondering what was happening.

As for firefox, even when I run it outside the sandbox, the file is detected only upon execution. Is that also normal?

Thanks

I would say yes, I have the same thing with Google Chrome. Edit: Apparently I do not have the same thing with Google Chrome.

It must be a bug then, try it with IE the file will be detected immediately upon download.

Actually I just tried the eicar test file and it was detected on download. In my last post I spoke of the experience I had before I re-installed CIS (I re-installed CIS yesterday) The re-install seems to have fixed some issues including that.

Hmm when I change the AV to On Access I do not have this problem. This only happens when the AV is set to Stateful. Well I’ll leave it here, maybe it’s by design.

Thanks