File System Virtualization

I did a small test for D+ and Comodo Sandbox in sandboxie. I have observed that some of the files has actually slipped onto the c:\sandbox folder eventhough the malware has been sandboxed automatically by Comodo.

Good News is that -

  1. Comodo actually isolated both the samples but it did not virtualize the dropped files.

So, Is there any setting needed for automatic isolation, So, that files will not slip away from Comodo Sandbox.
Or will it be added in the next version sth like v4.2 or v5.0…whatever the version it is…:slight_smile:

And last i appreciate Comodo Dev team in making sandbox so much stronger with just 2 iterations…


[attachment deleted by admin]


  1. Is the virtualization enabled in Sandbox (Defense + > Sandbox > Sandbox settings)?

Files that were automatically added Sandbox Labs will be sent automatically to Comodo for analysis. After analysis, if these are found as malicious, the files will be deleted and their signatures will be added to the database.


When the application is automatically sandboxed the virtualization feature is not used. So it can drop files but the files can’t harm the system.


Ovidiu, Yes Virtualization is enabled.

DiSP, Sorry i did not get you. File system virtualization is part of sandbox. So, i believe when an app is sandboxed the whole file system should be virtualized.


actually if you are looking for the ordinary sandbox which uses a virtual registry + files , I suggest that you stick with sandboxie , because as one of the guy here , I’m sorry I just can’t remember where , this sandbox is not meant to replace your sandboxie

but I like comodo sandbox since some applications can’t b run so you can’t see the danger of it inside the sandboxie < yeah believe me there are some crypters out there that can do such a thing

so it’s up to you at the end which 1 u use , for me I use both of them but for daily use , comodo sandbox is just what I need