Comodo sandboxing legit programs.

I’ve had a couple of my clients call over the last few days having trouble installing some new software from their bank. After some investigating it turns out that the software was sandboxed by ComodoAV and was installed into the vtroot folder.

I disabled the av protection temporarily and the program installed successfully.

This is a large bank (Lloyd) so I imagine I’ll get a lot more of this and I’m still not sure the program will run correctly once AV is reactivated. It’s certainly not an ideal fix but is there a way to disable the auto sandboxing on a permanent basis within the device profile?

For anyone else who may run into this… the program was called ‘Gemini’

Hello @Ed_Johnson,

Please check Endpoint Manager > Security Sub-system > Containment and please look for Gemini application. Select the file and rate the file as trusted, in this process it should allow the program to run without being contained. If by any chance the issue still persists, you may try whitelisting the program, please see guide below.

https://wiki.itarian.com/frontend/web/topic/how-to-white-list-files-based-on-file-group
https://wiki.itarian.com/frontend/web/topic/how-to-white-list-applications-by-path

Thank you and please let us know if the given guide works for you.

Thanks for the pointer Sam… Set to trusted and all sorted now.