I wonder how the comodo Sandboxie detail in relation to his use by the context menu when running malware that downloads malware dll, exe, etc., if the rest of them stay in the system after running in the sandbox and then notice that the program or malware is closed if they will keep the system up to be “caught” by the scan and also all the applications running within the sandbox after its closure if they are in the system, how the permissions are or not denied. Finally, how closely the sandbox when excute the context menu.
And also about VritualRoot folder if it keeps some files of virtualization and then they are excluded and if a malware is emulated will save fragments of malware or through the scan will they be removed?
My system is Windows 7 Ultimate x64
My system in virtual machine is Windows XP SP3 x86
I would be grateful if someone could comodo, if I answer that question.
Well, I’m really not sure what you are actually asking here, but I’ll make an attempt.
Anything sandboxed from the context menu is running in the manual sandbox. The manual sandbox is full virtualization, as opposed to the automatic sandbox which only limits access rights. This means anything in the manual sandbox is kept separate from the normal Windows file system. If there is malware in the sandbox, it will stay in the sandbox. There should be no traces of it left anywhere in your Windows file system.
I believe in order to remove anything from the VritualRoot folder, you need to delete it manually. I have seen some mention of it possibly clearing the contents on reboot, but I haven’t tested to confirm this.
I’m not sure whether or not a full system AV scan will scan the VritualRoot folder.