can CIS sandbox protect Downloads folder? [Solved]

Hi, I have just ran ransomware on my computer in auto sandbox, finally all the folders are safe except the Downloads folder( the ransomware itself has also been encrypted).
After that I ran it on desktop. Again, all the folders are safe except the Downloads folder…(ransomware itself has not been encrypted).
For both scenarios, the Extortion letter appear at downloads folder.
I am using CIS
windows 10 1703 15063.296
default setting

If you want to play around with malware, then you should get a Virtual Machine.

“[X] Do not virtualize access to the specified files/folders”

programs in the sandbox are allowed to save and modify data in this area.
If you try to execute a unknown from the download folder it will be sanboxed.

Good if you want to run a web browser inside the sandbox and still allow you to save settings/bookmars without them disappearing,

you can uncheck this setting if you want, or modify it to your needs.

tanks a lot