Am I correct in thinking that when a (fully) virtual program starts another program that program also starts virtual ?
If so wouldn’t clicking a link in a virtual instance of tweetdeck open a virtual instance of the default browser ?
The reason I ask is when I have firefox running non virtual and click a link in virtual tweetdeck that link opens in the non virtual firefox, if the running instance of firefox is virtual it opens in the virtual browser.
I could be wrong, but I believe that if something is virtualized, and it starts another program, that program will also be virtualized, but only if it is not already trusted by Comodo (either by hash or by the TVL).
I could be wrong, but I believe that trusted applications are likely exempt from this.
How do both of you have the behavioral blocker configured?
That is what will automatically kick in and stop all unknown programs. Thus, if you already have the behavioral blocker set to fully virtualized (remember that this requires editing the registry and is only recommended for advanced users) all unknown applications will automatically be fully virtualized regardless of whether they were started by a sandboxed process or not.
Have just retested this with same results
virtual tweetdeck - click link - virtual firefox running - link opens virtual
- click link - firefox not running - link opens virtual
- click link - non virtual firefox -links open non virtual