sandboxed programs - i don't get it

Sorry for asking a similar thing again, but i have to give up searching now. The whole interface is completely confusing. So i started that widget, right, which tells me there are three sandboxed applications. When i click on that icon, it starts the killswitch, & sure enough, there are the applications.

So far, so good. But what i’d absolutely expect in this place, is “DO NOT SANDBOX THIS ANYMORE”!!! So, i’ve looked in the advanced options (which are there TWICE, for some reason, but that’s another story), but there is nothing shown in the sandboxed category. Why? If there are sandboxed apps, they have to show up SOMEWHERE, right? The most logical thing would be, like i mentioned, we could find them & set them right in the kill switch. So, basically i would like to know, where else can i find those sandboxed application. Also, i would strongly recommend to consider some better solution. Why can’t we just have another context menu item saying “do not sandbox this application”? :-[

Please open the Advanced Settings. Then click on “File Rating” and select “Unrecognized Files”. The sandboxed files should be listed in there.

Thanks a lot. But none of the applications is there (i’ve looked there already). I can see them only in the kill switch, all of them rated “trusted”, with the resctriction “partly limited”.

Did you by any chance select the option to create rules for safe applications?

Do you have the HIPS enabled or just the Behavioral Blocker?

are the applications by any chance svchost.exe (possibly times two) and cmdvirth.exe? These are supposed to be in the sandbox.

Well, that´s possible. I can´t rule it out.

Do you have the HIPS enabled or just the Behavioral Blocker?

I have both enabled.

No. It was some Clipboard manager & two Autohotkey scripts, which ist in the autostart folder. But after i have cleared some items, the sandboxed programs ar gone, as i just find out. I couldn´t find them in the list, though.
Anyway, the problem is solved so far. I still would suggest, to make it easier to track & access all sandbxed stuff.

In KillSwitch you can right-click any unknown process (also if sandboxed which it should be if it’s unknown) then at the bottom of the context menu you can choose to add it to the trusted files list.

Anything automatically sandboxed should show up in the unrecognized files list unless for example you have an unknown file that starts chrome.exe then chrome will be sandboxed but it’s not a unknown file hence it won’t show up.

If you don’t find any files in the currently sandboxed files or in the unrecognized files yet you know there were files being sandboxed then you can go into the logs and look under defense+ events and then find the logs about sandboxed applications and then from there you can get the file path and using the file path you can enter the trusted files list and then add the file path to the application you trust.