I have some questions ,
If you disable the sandbox , are u still protected as much as if the sandbox was enabled ?
If yes , why is the sandbox there ?
And i did some tests in a virtual machine , and i opened some malware and it sandboxed it , as ( untrusted ).
Then later i restarted the computer , but the file was still there in application data , so if i disabled sandbox , defense + would react so i could block it , so the file would never be there , is that correct ?
The sandbox will allow the file to sit there, but now do much (depending on your security level). If you disable it then Defense+ will give you complete control over what the file can and cannot do.
The sandbox just makes things easier for you by automating many of the Defense+ rules that you would otherwise have to make yourself. From what I’ve seen, if you follow the advice I give here you will be protected.
Does that answer your question?
Yea , i´ll just disable the sandbox and answer all myself , i also did disable the option that Comodo not gives much popups by allowing outgoing traffic .
And , did u also did this ?
Go to Defense + , then to computer security policy , and then edit , then to protected files and folders , then to third party protocol drivers and put >>>> that in it ? \Device\KsecDD
Its to prevent malware to encrypt right ?
Ive seen a video malware bypassed comodo by encrypting the whole computer.
Is it good like this ?
Or different ?
Yes, and I haven’t heard of any bypasses from anyone who has done this.