I need a "Do Over". How to remove any consequences of previous SandBox use.

Two months ago a SSD was added to my system, and Windows etc. needed a full installation.
I was happy with C.I.S. v 5.7 and earlier, and never used any Sandbox
C.I.S. v 5.9 by default enabled the Sandbox and I decided to risk it.

I now know that Sandbox is not compatible with me.
When I install something I depend upon a definite installation, with relevant EXPLICIT “deny” alerts.

I like to think that in-spite of problems (now resolved) with the installation of LastPass to a Browser,
the rest of my system is now functional and I do not need to re-install Windows again.

Comodo shows that I have 34 unrecognised files as a result of previously using the Sandbox
I click Purge and am told they are all valid.
I assume “Delete File” will destroy files that I may need again,
so do I use the REMOVE button.

Do the Comodo registry keys and values hold any more significant bloat as a result of using Sandbox ?
Would I gain any benefit from using Windows 7 “Program Features” to “Uninstall/Change” Comodo,
or to even totally remove and then re-install Comodo.

I currently have selected the “Internet Security” configuration
Alternative configurations are “Proactive” and “Firewall”
I am using the Levels :-
Stateful - A.V.
Safe Mode - F.W.
Safe Mode - Defense+
Disabled - Sandbox

I assume that my protection is fully defined by my use of the above 4 Levels, and is not affected should I choose a different configuration so long as the levels are adjusted to be the same.
Please educate me if I am wrong.

Should I reconsider the above Levels ?


I would suggest using Proactive Mode to prevent unauthorized outgoing connections. There are a lot of programs that don’t need to “phone home”.

Once active, I would suggest:

AV - Stateful
FW - Custom Policy
D+ - Safe Mode
Sandbox - Disabled

I use the above settings with little interruptions (except, I have the Sandbox enabled).

Custom Policy Firewall it is then.

What is the difference between the “Internet Security” and “ProActive” configurations when using this setting.

When I switch from “Internet Security” to “ProActive” I am told a PC Restart is needed to take effect,
and I click NO, then I am told it has been activated successfully even though there is no restart.
I notice that the Firewall level remains “Safe”
Similar results when switching back.
No restart needed between “Internet Security” and “FireWall”

Is it possible that when I switch to ProActive and agree to the PC Restart then during the restart the FireWall is set to “Custom Policy” and special “OutGoing” rules are automatically established ?


The differences between the 3 configuration options concern only Defense+. Following the option chosen more/less features will be activated and more/less files, registry keys, Com interfaces will be protected in Defense+.

You’ll find a description of each one here Comodo Preset Configurations | Comodo Internet Security | Comodo Internet Security v5.9/5.10

It’s been a long time since I switched from Internet Security to Proactive, so I don’t remember having to restart. If you are prompted, I would restart just to be sure. Proactive excludes the “allow all outgoing” in the global configuration settings. If a program wants to call out, you’ll be prompted for permission,where you an allow its connection if you want. It’s safer than Internet Security because you’ll be alerted to any program that’s trying to connect to the Net, but you may have to answer prompts for a short while until you get your programs configured. After that, it’s pretty quiet.

Am I advised refrain from un-install / re-install of Comodo ?

[at] Boris
Thank you for the link to the help file.

[at] L.A.R. Grizzly
Thank you for the explanation.
I accept your advice to use “ProActive” configuration as my normal protection mode.

I also need a special “Isolated Allow All” protection mode.
In principle this Isolates the computer from the Internet with the Firewall set to Block All,
and sets A.V. and Defense+ to Disabled so that without any interference :-
Applications can be installed ;
Partition Managers are not interfered with as Partitions are created, removed and resized ;
CCleaner and TeraCopy can instantly process lots of files with any Scan on Demand A.V. delays or defense rule lookup delays.

In the past I have modified the protection levels of the “Firewall Security” Configuration to allow an easy transition from normal mode to special mode, but am open to suggestions.

A special benefit of my special mode is that it accommodates the Comodo deficiency that was introduced around version 2.* when the notification icon forgot to change color for different levels of protection.
It accommodates the problem in that if I forget I have disabled A.V. etc then I remember after 2 or 3 failed attempts at connecting to my favorite sites.

Incidentally, on rare occasions I have needed a “super special” mode in which the Firewall is also fully disabled, but with the Internet physically disconnected.
Unfortunately I need to find the correct cable to pull and afterwards the correct socket to plug back in.
I would appreciate advise on a convenient “keyboard” way to achieve the same effect whilst the Firewall is Disabled.

I have not yet discovered WHY I need this mode, I just know that several 5.? increments ago I found that a *.VBS script could iterate many times a second continuously in that mode,
but suffered perhaps 5 second pauses repeated at 55 second intervals if the Firewall was set to Block All and the Internet was connected.
During those pauses a *.BAT script was independently iterating without any pauses.
The *VBS was using one of my 4 cores whilst the *.BAT was using another.
I suspect that although the Firewall was set to BLOCK ALL the operating system could detect if the Internet was on the other side and would pause the CSRIPT or WSCRIPT engines in an attempt to connect to I know not what.


There is no need to disable D+ when installing programs. With the sandbox enabled disabled just give the installer the Installer/Updater policy and be good to go. In some cases the choice for Installer/Updater may not show up. In that case give the installer the Windows System Application policy

Sandbox and I are not compatible and shall be divorced.

I am accustomed to clicking on things that I want to do and either having it done,
or alternatively receiving a Defense+ Alert due to Default Deny mode,
in which case I can make a decision.

An Invisible Default Accept mode with reduced privilege is not acceptable.

I was fooled once - shame on Sandbox.
If I am fooled again then shame on me ;D

I am overloaded by the need to understand how to adapt to the use of an SSD instead of an HDD,
Plus having to use an installed version of Palemoon so the Comodo F1 Help commands can find a “Default Browser”,
Plus again relocating all the monstrous browser caches etc. away from C:,
So I do not have the time to learn how to obtain any benefit from Sandbox.

Please advise, is it sufficient to choose the Proactive Configuration and then switch off the Sandbox,
or should I first use “Program Features” to “Uninstall/Change” Comodo,
or to even totally remove and then re-install Comodo.


I just edited previous post I made. Where I said enabled it should have said disabled.

With the sandbox disabled you will be able to go through an installation step by step. You don’t need to use a special constellation of settings. Switch to Paranoid Mode if you want to follow each step of an installation regardless of whether the installer is trusted or not.

Thanks for the explanation. I am now satisfied.