I’m planning to install CIS on sisters laptop, but since she doesn’t know much about technical stuff i’d like to do the following.
Antivirus does everything by itself so this is not an issue. Defense+ however, i’d like to set it so that it would automatically sandbox any unknown app without asking if i want to Sandbox, Allow or Block. I’d like it to always automatically pick Sandbox. Can this be done? I mean, it does sandboxing automatically most of the time but sometimes it asks you what to do and i’d like Sandbox to be automatic default option for that.
I was looking at the Game Mode, but it says that in Game Mode, antivirus won’t perform any updates which sucks… I however don’t want to set Defense+ to “Don’t show popups” option because that one only has Block and Allow options and no Sandbox. Or am i reading it wrong?
if so i found a great way to setup defense + to do so. Ill attach screenshots of the settings. You said you want the sandbox enabled but set to blocked i have tried that approach but found this approach more reliable cuz i found the sandbox to block some apps that were in my trusted files list or whitelisted in the cloud. with this setup you dont need the av, defense + will do all the work.
Now there are 2 variations of this config that you will have to decide between. the first you set “dont show popup alerts” to block. Doing this will suppress all alerts and block unknown apps but will allow the user to change any settings since they wont be password protected. The second option is to set a parental control and suppress alerts, doing this will have the same affect as the other option but will require a password when trying to change any settings. I found the second option to be very effective. its the setup i use on my parents computer. all unknown apps are blocked (including malware) and they can do their basic computer operations without any alerts.
also enable “enhanced protection mode” if the system is 64 bit.
I don’t think we understand eachother. Because from what i can see from your setup, you’ve disabled Sandbox altogether. I don’t want that, i want it there, but i don’t want CIS to ask user with certain apps.
I want it to sandbox directly everything where it would otherwise ask to Sandbox/Allow/Block. I know it asks in some cases, but in most it automatically does that.
Sometimes you get popup like this instead of the tiny yellow one that just says app was sandboxed.
I’d like CIS to automatically select Sandbox on such events and not ask the user at all. I mean if sister will see this popup, she won’t have a clue what does it mean really. I do, but she won’t for sure and if she clicks Allow, that kind of defeats the whole purpose of Defense+…
It looks like such popup is only displayed if you try to run application using admin rights. Or if the program requests it by default (anything that triggers UAC directly). In settings there is really only Allow and Block option if you don’t want to display popups. But no Sandbox.
I mean she rarely installs anything, but she’s using mail and social networks a lot so i want a secure environment but no popups. I’ll check the Unrecognized list here and there to see whats still on it but in general she should be still able to run certain apps through sandbox.