Default settings

I installed the new CIS on my lady friend’s Vista machine and set it up like I have mine with the Behavior Blocker set to Restricted. This proved to be too restrictive and I had to put it back to the default of partially limited. She plays all kinds of games from Pogo, Yahoo, iWin, and maybe others and the restricted setting was giving all kinds of alerts and even preventing the games from working. She is probably a little less well protected now but that’s how it has to be. I’m 100% sure she is still a lot better protected than with the previous setup of Avast! free AV and the default Vista Firewall.

I’m not taking anything away from Avast since it’s a fine product but CIS is at the same price point ;D and offers up a lot more.

I would be tempted to set the BB to fully virtualized, I have found this offers the best protection whilst not impacting on functionality.

That would not allow her games to be installed or her progress in them saved so would not be acceptable.

You could always move them to trusted files and/or add them to files/folders not to be virtualized, providing you knew them to be safe.

I could, yes, but her? No way. She sees a popup and just closes it. She seems incapable of figuring out the options and where to click. I would dread even trying to explain what trusted files are. She still asks me from time to time what a browser is. I have to keep her interactions with her security program to an absolute minimum. I may even have to go back to the combination she was using before.

I could be wrong, as I haven’t tested it extensively. But shouldn’t most applications work when fully virtualized?

Also, I believe that as long as the Kiosk is not manually reset those saved games should be available to her every time she runs the game. Nothing would be lost unless you manually reset the kiosk.

I’d recommend that you try out fully virtualized and see if it is a good fit or not. Let me know how it goes.

Thanks.

From my own experience non of the games I’ve tried have worked in the fully virtualized sandbox, either they crash almost instantly or they never even start. =S Though I could be playing all the wrong games ^^‘’

Then I would have to explain what a sandbox is and she would have to enter the Kiosk every time she wanted to play something. That wouldn’t fly either. I’m having enough of a problem trying to convince her to use the Kiosk when she pays her bills or accesses her banking site. She gets flustered and bent out of shape when one of her favorite websites makes changes and it takes days and maybe even a phone call for her to understand how to use the new site.

You should make a FAQ for her, that way the questions shouldn’t be repetitive at least =3

Okay. I’ll remember that for future reference.

No, I’m talking about the setting for the Behavioral Blocker to automatically sandbox all unknown applications with the level “Fully Virtualized”. Thus, she would have to do nothing other than just open the game as she normally would. CIS would take care of everything itself. Remember that the Kiosk and the fully virtualized BB share the same space.

However, with what SanyaIV wrote above, it’s possible that the games wouldn’t work correctly. However, it’s probably worth trying.

There is no such setting unless you hack the registry from what I’ve read.

Enable full Virtual via the registry then deselect - Detect installers and show privileged elevation alerts

Correct, but you only have to do this once.

I am debating whether or not to turn off the installer detection on her machine. I don’t know how much that would impact security but then she hasn’t been infected in over three years just using an AV and the Windows Firewall. It certainly would eliminate alerts when she installs new games. The iWin installer was added to trusted files already but she goes to all the game sites.

For advice on how to lower the number of alerts, along with the pros and cons, please read my article about How to Install Comodo Firewall. However, be aware that you can easily substitute Fully Virtualized as the Behavioral Blocker with no loss of security.

Dragon doesn’t work half the time for me in the virtual box . But it’s not a problem for me because I don’t use it . i feel I am protected enough with my settings and what not . BB on restricted and all that fun stuff .

VirtualBox does/did not support all functionality of Windows making it would not make work CIS like it should when installed inside a VB installation of Windows. The same might apply for Dragon.

Java doesn’t work in virtualized browsers when CIS does it.

Dragon works fine for me inside the kiosk but the extensions like ad block do not. I didn’t expect them to.

When you add the “Web browser Data Folder” to the exclusions of virtualisation does that make it work?