Comodo Internet Security

• Introduction To Comodo Internet Security
  • Special Features
  • System Requirements
  • Installation
    • CIS Premium – Installation
    • CIS Pro - Installation And Activation
    • CIS Complete - Installation And Activation
    • Activating CIS Pro/Complete Services After Installation
      • Activating Your License
      • Activating Your Guarantee Coverage
      • Renewal Of Your License
  • Starting Comodo Internet Security
  • The Main Interface
    • The Home Screen
    • The Tasks Interface
    • The Widget
    • The System Tray Icon
  • Understanding Security Alerts
• General Tasks – Introduction
  • Scan And Clean Your Computer
    • Run A Quick Scan
    • Run A Full Computer Scan
    • Run A Rating Scan
    • Run A Custom Scan
      • Scan A Folder
      • Scan A File
      • Create, Schedule And Run A Custom Scan
  • Instantly Scan Files And Folders
  • Processing Infected Files
  • Manage Virus Database And Program Updates
  • Manage Quarantined Items
  • View CIS Logs
    • Antivirus Logs
      • Filtering Antivirus Logs
    • Viruscope Logs
      • Filtering Viruscope Logs
    • Firewall Logs
      • Filtering Firewall Logs
    • Defense+ Logs
      • Filtering Defense+ Logs
    • Website Filtering Logs
      • Filtering Website Filtering Logs
    • Alerts Logs
      • Filtering Alerts Displayed Logs
    • Tasks Logs
      • Filtering Tasks Logs
    • Configuration Changes Logs
      • Filtering Configuration Changes Logs
  • Get Live Support
  • View Active Internet Connections
  • View Sandboxed Processes List
• Firewall Tasks – Introduction
  • Allow Or Block Internet Access To Applications Selectively
  • Stealth Your Computer Ports
  • Manage Network Connections
  • Stop All Network Activities
  • Advanced Firewall Settings
• Sandbox Tasks – Introduction
  • The Virtual Desktop
    • Starting The Virtual Desktop
    • The Main Interface
    • Running Browsers Inside The Virtual Desktop
    • Opening Files And Running Applications Inside The Virtual Desktop
    • Configuring The Virtual Desktop
    • Closing The Virtual Desktop
  • Run An Application In The Sandbox
  • Reset The Sandbox
  • View Active Process List
• Advanced Tasks – Introduction
  • Create A Rescue Disk
    • Downloading And Burning Comodo Rescue Disk
  • Remove Deeply Hidden Malware
  • Submit Files
  • Identify And Kill Unsafe Running Processes
  • Manage CIS Tasks
• Advanced Settings
  • General Settings
    • Customize User Interface
    • Configure Program And Virus Database Updates
    • Log Settings
    • Manage CIS Configurations
      • Comodo Preset Configurations
      • Importing/Exporting And Managing Personal Configurations
  • Security Settings
    • Antivirus Settings
      • Real-time Scanner Settings
      • Scan Profiles
      • Exclusions
    • Defense+ Settings
      • HIPS Settings
      • Active HIPS Rules
      • HIPS Rule Sets
      • Protected Objects
        • Protected Files
        • Blocked Files
        • Protected Registry Keys
        • Protected COM Interfaces
        • Protected Data Folders
      • HIPS Groups
        • Registry Groups
        • COM Groups
      • Sandbox
        • The Sandbox - An Overview
          • Unknown Files - The Scanning Processes
      • Configuring The Sandbox
      • Configuring Rules For Auto-Sandbox
      • Viruscope
    • Firewall Settings
      • Firewall Settings
      • Application Rules
      • Global Rules
      • Firewall Rule Sets
      • Network Zones
        • Network Zones
        • Blocked Zones
      • Port Sets
      • Website Filtering
        • Creating And Modifying Website Filtering Rules
        • Defining And Modifying Website Categories
    • Manage File Rating
      • File Rating Settings
      • File Groups
      • File List
      • Submitted Files
      • Trusted Vendors List
• Comodo GeekBuddy
  • Overview Of Services
  • Activation Of Service
  • Launching The Client And Using The Service
  • Accepting Remote Desktop Requests
  • Chat History
  • Using Free Diagnostic Reports
  • Scanning My PC
  • Uninstalling Comodo GeekBuddy
• TrustConnect Overview
• Chromodo Browser
• Appendix 1 CIS How To... Tutorials
  • Enable / Disable AV, Firewall Auto-Sandbox And Viruscope Easily
  • Set Up The Firewall For Maximum Security And Usability
  • Block Internet Access While Allowing Local Area Network (LAN) Access
  • Block/ Allow Websites Selectively To Users Of Your Computer
  • Set Up The HIPS For Maximum Security And Usability
  • Create Rules For Auto-Sandboxing Applications
  • Password Protect Your CIS Settings
  • Reset Forgotten Password (Advanced)
  • Run An Instant Antivirus Scan On Selected Items
  • Create An Antivirus Scanning Schedule
  • Run Untrusted Programs In The Sandbox
  • Run Browsers Inside Sandbox
  • Run Untrusted Programs Inside Virtual Desktop
  • Run Browsers Inside The Virtual Desktop
  • Restore Incorrectly Quarantined Item(s)
  • Submit Quarantined Items To Comodo For Analysis
  • Enable File Sharing Applications Like BitTorrent And Emule
  • Block Any Downloads Of A Specific File Type
  • Disable Auto-Sandboxing On A Per-application Basis
  • Switch Between Complete CIS Suite And Individual Components (just AV Or FW)
  • Switch Off Automatic Antivirus And Software Updates
  • Suppress CIS Alerts Temporarily While Playing Games
  • Renew Or Upgrading Your License
  • How To Use CIS Protocol Handlers
• Appendix 2 - Glossary Of Terms
• Appendix 3 - CIS Versions
• About Comodo Security Solutions

Disable Auto-Sandboxing on a Per-application Basis

The default auto-sandbox rules will run unknown executables in sandboxed environment and queue them for submission to Comodo Cloud scanners for behavior analysis. Users do, however, have the option to exclude specific files or file types from this auto-sandboxing process by creating a rule. This is particularly useful for developers that are creating new applications which, by their nature, are as yet unknown to the Comodo safe list.

To disable the auto-sandboxing selectively

1.  Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen

2.  Open 'Sandbox Tasks' and click 'Open Advanced Settings'. 

3.  Click 'Security Settings' > 'Defense+ ' > 'Sandbox' > 'Auto-Sandbox' from the left hand side pane

4.  Click the handle at the bottom of the interface and open the option panel

5. Click the 'Add' button

6.  In the Manage Sandboxed Program interface, select 'Ignore' from the 'Action' drop-down options:

7.  By default the Source tab will be selected. Click the Browse button beside the Target field then click Files from the options.

8.  Navigate to the location where is the application is installed or stored, select it and click 'Open'. Click here for details about adding to target from other options. 

9.  Click the Reputation tab, select the checkbox beside 'Select file rating' and click 'Unrecognized' from the drop-down options.

10.  Click the Options tab.

By default, 'Log when this action is performed' will be selected.

• Log when this action is performed – Whenever this rule is applied for the action, it will be logged.

• Don't apply the selected action to child processes – Child processes are the processes initiated by the applications, such as launching some unwanted app, third party browsers plugins / toolbars that was not specified in the original setup options and / or EULA. CIS treats all the child processes as individual processes and forces them to run as per the file rating and the Sandbox rules.

• By default, this option is not selected and the ignore rule is applied also to the child process of the target application(s).

• If this option is selected, then the Ignore rule will be applied only for the target application and all the child processes initiated by it will be checked and Sandbox rules individually applied as per their file rating.

11.  Select the options as required and click 'OK'.

The Ignore rule will be saved for the specified application and displayed in the Auto-Sandbox screen. Make sure to keep this rule above all other rules for unrecognized files.

Alternatively…

1. Assign Trusted rating to the file from the File List interface  

2. Digitally sign your files with a code signing certificate from a trusted CA then manually add your organization to the Trusted Software Vendors list

3. Disable Auto-Sandbox by de-selecting the 'Enable Auto-Sandbox' check box in the Auto-sandbox settings panel. Not recommended.

For more details on Auto-Sandboxing process, refer to the section Configuring Rules for Auto-Sandbox.