The COMODO Sandbox - does it protect against keyloggers?

This is probably the biggest issue with respected virtualization software; they can handle all types of malicious activity except for a single one; keylogging. SandboxIE is supposed to have this problem, reading the creator's own FAQ.


Now I'm asking about another Sandbox; COMODO. Does COMODO have the same problem?

 

Spyshelter keylogger test



If I block D+ alert i get this



If I allow D+ alert keylogger is successful



Zemana keylogger test



If I allow or block D+ alert I get this

 

Sounds good. What about disabled D+ with pure Sandboxing approach? I've seen "D+" still alerts when supposedly disabled, so that would be interesting. Otherwise I'll re-enable D+ again. Thank you

 

OK, D+ disabled. Zemana fails in sandbox and Spyshelter is successful. No popup from D+ after I disable it.

Ah and my CIS config is Proactive security with Firewall and D+ in Safe Mode, Sandbox enabled.

 

FW disabled and D+ in IS (default) mode then?

 

No no, I was referring to the highest (Proactive) preset and what difference it would be to run it at its default. That's what I wanna run, hence I'd like to know his results on those settings, if he has time and will to do it still.

 

I'll do that today when I'm at home.
So FW disabled and D+ in IS? Oki-doki.

 

Thanks a lot man, appreciate it. D+ in IS is correct - that's the default, middle preset.

 

Same behavior like above. Zemana blocked on both Allow/Block from D+ and Spyshelter successful on Allow and fail on Block alert from D+.