How to setup CIS to be as quiet as possible?

I’m planning to install CIS on sisters laptop, but since she doesn’t know much about technical stuff i’d like to do the following.

Antivirus does everything by itself so this is not an issue. Defense+ however, i’d like to set it so that it would automatically sandbox any unknown app without asking if i want to Sandbox, Allow or Block. I’d like it to always automatically pick Sandbox. Can this be done? I mean, it does sandboxing automatically most of the time but sometimes it asks you what to do and i’d like Sandbox to be automatic default option for that.

I was looking at the Game Mode, but it says that in Game Mode, antivirus won’t perform any updates which sucks… I however don’t want to set Defense+ to “Don’t show popups” option because that one only has Block and Allow options and no Sandbox. Or am i reading it wrong?

so you want all unknown apps to be blocked? correct?

if so i found a great way to setup defense + to do so. Ill attach screenshots of the settings. You said you want the sandbox enabled but set to blocked i have tried that approach but found this approach more reliable cuz i found the sandbox to block some apps that were in my trusted files list or whitelisted in the cloud. with this setup you dont need the av, defense + will do all the work.

Now there are 2 variations of this config that you will have to decide between. the first you set “dont show popup alerts” to block. Doing this will suppress all alerts and block unknown apps but will allow the user to change any settings since they wont be password protected. The second option is to set a parental control and suppress alerts, doing this will have the same affect as the other option but will require a password when trying to change any settings. I found the second option to be very effective. its the setup i use on my parents computer. all unknown apps are blocked (including malware) and they can do their basic computer operations without any alerts.

also enable “enhanced protection mode” if the system is 64 bit.

hope that helps

[attachment deleted by admin]

I don’t think we understand eachother. Because from what i can see from your setup, you’ve disabled Sandbox altogether. I don’t want that, i want it there, but i don’t want CIS to ask user with certain apps.
I want it to sandbox directly everything where it would otherwise ask to Sandbox/Allow/Block. I know it asks in some cases, but in most it automatically does that.

what do u mean when you say “i dont want CIS to ask user with certain apps.” what apps do you want it to ask for and which ones do you not want it to ask for

Sometimes you get popup like this instead of the tiny yellow one that just says app was sandboxed.

I’d like CIS to automatically select Sandbox on such events and not ask the user at all. I mean if sister will see this popup, she won’t have a clue what does it mean really. I do, but she won’t for sure and if she clicks Allow, that kind of defeats the whole purpose of Defense+…

i dont think there is an option to do this. only thing we could do is allow it or block it

It looks like such popup is only displayed if you try to run application using admin rights. Or if the program requests it by default (anything that triggers UAC directly). In settings there is really only Allow and Block option if you don’t want to display popups. But no Sandbox.

I mean she rarely installs anything, but she’s using mail and social networks a lot so i want a secure environment but no popups. I’ll check the Unrecognized list here and there to see whats still on it but in general she should be still able to run certain apps through sandbox.

Since this is a D+ alert you need to set D+ to Do not show pop up alerts and have it block.

RejZor wants the file to be sandboxed not blocked in that circumstance but i dont believe there is a way for it to be autosandboxed since CIS gives an alert.

Correct. I guess i’ll have to wait for CIS 6 then, hopefully this option will be available in it…