Today, I downloaded some .exe - And I could not trust it so I right clicked, and then clicked “Run in Comodo Sandbox.”
A warning came up:
I was scared to see the message, and I tried to the close the program but no luck and it restarted my PC.
Before it was restarted, I saw that 1Item is running in the sandbox, that was the .exe I think.
But, now it have restarted and I don’t see any wierd processes or something, but I deleted the file.
Am I infected, or did Comodo Sandbox save me?
Do a scan with MBAM to determine if there’s any dropped files.
Nothing, it didnt find anything.
Would’nt Comodo stop the Dropfiles?
deadman
January 23, 2011, 10:38am
4
If it was sandboxed as Restricted or lower, no. Only Untrusted and Blocked options are preventing dropping files.
That seems kinda… dangerous. What if I set my settings to Block?
deadman
January 23, 2011, 12:37pm
6
Dropped files aren’t loaded in memory, so they’re not dangerous.
If it is set to Blocked than aplication isn’t allowed to run at all.
Did the window have a title?
jj1two3
January 23, 2011, 11:29pm
8
I would do a scan with Malwarebytes and then Hitman Pro just for a little peace of mind.
jj
Please don’t double post. This question is also discussed in your other topic.
Thats one reason why i have untrusted as my setting.
:imoangel: (CNY)
Noo. He clicked on “Run in Comodo Sandbox” thats means that file got virtualized, so there is no danger. All is right, after restart virus gone.
That .exe was pornoplayer.exe or flash update.exe or other fake adobe hlash player? When answer is yes - then it could be variant of Trojan Ransom - read more here - https://forums.comodo.com/defense-sandbox-help-cis/just-some-questions-for-53-t68412.0.html
Notice that the automatic sandboxing does not virtualise file system and registry keys. That is only available in the manual sandboxing.
