Any comments?
Video is not mine by the way - I know Comodo at Blocked setting can stop this. Was just wondering if this is a real Containment/Virtualization bypass, or yet another one of those “fake bypasses” caused by tester not properly knowing how CIS functions.
Looks more like an incompatibility issue with sandboxie being installed with Comodo, so it would have been better to test with without sandboxie installed. But I did not see any changes being made to the portal device when I ran explorer in containment and tried adding a file to the portal device.
Thank you for testing. Very interesting. Those guys should first learn how CIS works before trying to claim a “bypass”. I also think Sandboxie installed might come into play here, since Sandboxie usually is a problematic software if used alongside other security programs.