Comodo Internet Security

• Introduction To Comodo Internet Security
  • Special Features
  • System Requirements
  • Installation
    • CIS Premium – Installation
    • CIS Pro - Installation And Activation
    • CIS Complete - Installation And Activation
    • Activating CIS Pro/Complete Services After Installation
      • Activating Your License
      • Activating Your Guarantee Coverage
      • Renewal Of Your License
  • Starting Comodo Internet Security
  • The Main Interface
    • The Home Screen
    • The Tasks Interface
    • The Widget
    • The System Tray Icon
  • Understanding Security Alerts
• General Tasks – Introduction
  • Scan And Clean Your Computer
    • Run A Quick Scan
    • Run A Full Computer Scan
    • Run A Rating Scan
    • Run A Custom Scan
      • Scan A Folder
      • Scan A File
      • Create, Schedule And Run A Custom Scan
  • Instantly Scan Files And Folders
  • Processing Infected Files
  • Manage Virus Database And Program Updates
  • Manage Quarantined Items
  • View CIS Logs
    • Antivirus Logs
      • Filtering Antivirus Logs
    • Firewall Logs
      • Filtering Firewall Logs
    • Defense+ Logs
      • Filtering Defense+ Logs
    • Website Filtering Logs
      • Filtering Website Filtering Logs
    • Alerts Logs
      • Filtering Alerts Displayed Logs
    • Tasks
      • Filtering Tasks Launched Logs
    • Configuration Changes
      • Filtering Configuration Changes Logs
  • Get Live Support
  • View Active Internet Connections
  • View Active Process List
• Firewall Tasks – Introduction
  • Allow Or Block Internet Access To Applications Selectively
  • Stealth Your Computer Ports
  • Manage Network Connections
  • Stop All Network Activities
  • Advanced Firewall Settings
• Sandbox Tasks – Introduction
  • The Virtual Desktop
    • Starting The Virtual Desktop
    • The Main Interface
    • Running Browsers Inside The Virtual Desktop
    • Opening Files And Running Applications Inside The Virtual Desktop
    • Configuring The Virtual Desktop
    • Closing The Virtual Desktop
  • Run An Application In The Sandbox
  • Configure The Sandbox
  • Reset The Sandbox
• Advanced Tasks – Introduction
  • Create A Rescue Disk
    • Downloading And Burning Comodo Rescue Disk
  • Remove Deeply Hidden Malware
  • Submit Files
  • Identify And Kill Unsafe Running Processes
  • Manage CIS Tasks
• Advanced Settings
  • General Settings
    • Customize User Interface
    • Configure Program And Virus Database Updates
    • Log Settings
    • Manage CIS Configurations
      • Comodo Preset Configurations
      • Importing/Exporting And Managing Personal Configurations
  • Security Settings
    • Antivirus Settings
      • Real-time Scanner Settings
      • Scan Profiles
      • Exclusions
    • Defense+ Settings
      • HIPS Behavior Settings
      • Active HIPS Rules
      • HIPS Rule Sets
      • Protected Objects
        • Protected Files
        • Blocked Files
        • Protected Registry Keys
        • Protected COM Interfaces
        • Protected Data Folders
      • Behavior Blocker
        • The Sandbox - An Overview
          • Unknown Files - The Auto - Sandboxing And Scanning Processes
      • Configure The Sandbox
    • Firewall Settings
      • Firewall Behavior Settings
      • Application Rules
      • Global Rules
      • Firewall Rule Sets
      • Network Zones
        • Network Zones
        • Blocked Zones
      • Port Sets
      • Website Filtering
        • Creating And Modifying Website Filtering Rules
        • Defining And Modifying Website Categories
    • Manage File Rating
      • File Rating Settings
      • Trusted Files
      • Unrecognized Files
      • Submitted Files
      • Trusted Vendors List
• Comodo GeekBuddy
  • Overview Of Services
  • Activation Of Service
  • Launching The Client And Using The Service
  • Accepting Remote Desktop Requests
  • Chat History
  • Using Issue Tracker
  • Uninstalling Comodo GeekBuddy
• TrustConnect Overview
  • Microsoft Windows - Configuration And Connection
  • Mac OS X - Configuration And Connection
  • Linux / Open VPN - Configuration And Connection
  • Apple IPhone / IPod Touch - Configuration And Connection
  • Android Devices - Configuration And Connection
  • Windows Mobile Devices - Configuration And Connection
  • TrustConnect FAQ
• Comodo Dragon
• Comodo BackUp
• Appendix 1 CIS How To... Tutorials
  • Enable / Disable Security Components Easily
  • Set Up The Firewall For Maximum Security And Usability
  • Block Internet Access While Allowing Local Area Network (LAN) Access
  • Block/allow Websites Selectively To Users Of Your Computer
  • Set Up The HIPS For Maximum Security And Usability
  • Set Up The Behavior Blocker For Maximum Security And Usability
  • Password Protect Your CIS Settings
  • Reset Forgotten Password (Advanced)
  • Run An Instant Antivirus Scan On Selected Items
  • Create An Antivirus Scanning Schedule
  • Run Untrusted Programs Inside Sandbox
  • Run Browsers Inside Sandbox
  • Run Untrusted Programs Inside Virtual Desktop
  • Run Browsers Inside The Virtual Desktop
  • Restore Incorrectly Quarantined Item(s)
  • Submit Quarantined Items To Comodo For Analysis
  • Enable File Sharing Applications Like BitTorrent And Emule
  • Block Any Downloads Of A Specific File Type
  • Disable Behavior Blocker And Auto-Sandboxing On A Per-application Basis
  • Enabling Full Virtualization For Auto-Sandboxed Applications
  • Switch Between Complete CIS Suite And Individual Components (just AV Or FW)
  • Switch Off Automatic Antivirus And Software Updates
  • Suppress CIS Alerts Temporarily While Playing Games
  • Renewal Or Upgrading Your License
  • How To Use CIS Protocol Handlers
• Appendix 2 - Comodo Secure DNS Service
  • Router - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Windows XP - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Windows 7 / Vista - Manually Enabling Or Disabling Comodo Secure DNS Service
• Appendix 3 - Glossary Of Terms
• Appendix 4 - CIS Versions
• About Comodo Security Solutions

Enabling Full Virtualization for Auto-Sandboxed Applications

The Behavior Blocker will auto-sandbox an unknown executable and restrict its execution privileges according to an access restriction level set by you. The available restriction levels can be viewed in the Behavior Blocker settings panel. This tutorial explains how to add ‘Fully Virtualized’ to the set of available restriction levels for auto-sandboxed applications. It involves modifications to the Windows registry and should only be attempted by advanced users.

• Viewing and understanding restriction levels

• Adding the ‘Fully Virtualized’ level

To view auto-sandbox restriction levels

1. Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen

2. Click 'Advanced Tasks' > 'Advanced Settings' from the Tasks interface

3. Click 'Security Settings' > 'Defense+' > 'Behavior Blocker' from the left hand side navigation

By default, the Behavior Blocker provides five access restriction levels to choose from, for automatically sandboxed applications.

• Partially Limited - The application is allowed to access all operating system files and resources like the clipboard. Modification of protected files/registry keys is not allowed. Privileged operations like loading drivers or debugging other applications are also not allowed.(Default)

• Limited - Only selected operating system resources can be accessed by the application. The application is not allowed to execute more than 10 processes at a time and is run without Administrator account privileges.

• Restricted - The application is allowed to access very few operating system resources. The application is not allowed to execute more than 10 processes at a time and is run with very limited access rights. Some applications, like computer games, may not work properly under this setting.

• Untrusted - The application is not allowed to access any operating system resources. The application is not allowed to execute more than 10 processes at a time and is run with very limited access rights. Some applications that require user interaction may not work properly under this setting.

• Blocked - The application is not allowed to run at all.

Advanced users can add an additional level 'Fully Virtualized', in which all functionality of the application will be enabled, but in a virtual environment isolated from the operating system and files in the system. The 'Fully Virtualized' level but can be enabled by adding a registry key.

To add 'Fully Virtualized' level

1. Click Start > Run, from the Windows Start menu

2. Type 'regedit' in the text box and click 'OK'

3. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\FirewallPro

4. To add a new DWORD Entry, Click 'Edit' from the menu bar and select 'DWORD Value' OR right click in the right hand side pane and click 'New' > 'DWORD Value' from the right click options

A new registry value will be added with the name 'New Value#1'

5. Rename the as EnableDefaultVirtualization

6. Right-click on the value 'EnableDefaultVirtualization' and click 'Modify' from the context sensitive menu

7. In the 'Edit DWORD Value dialog box, change the 'Value data' from 1 to 0 and click OK

8. Restart the system for the changes to take effect

The level 'Fully Virtualized' will be added and will be available available for selection in the Behavior Blocker Settings panel.

For more details on Auto-Sandboxing process, refer to the section Unknown Files: The Auto-Sandboxing and Scanning Processes.

For more details on Behavior Blocker Settings refer to the section Behavior Blocker.