Is this option related to Sandbox and if yes, then how it is related, for example when Sandbox is deactivated completely? Or if Sandbox is deactivated then this checkbox has no effect?
What for this checkbox in the first place? I’m moving from v4 – there was no such option. Help page is of little help, seriously. For example if this option “Treat unrecognized files as” is deactivated then in what manner the operation of Defense+ will change (if Sandbox deactivated) ?
In v3, v4 Defense+ under Proactive configuration (SB switched off) asked for every action of unrecognized application. With this new option this is not the case ??? What to expect?
It defines how seriously crippled unrecognized apps are. The different restricting levels are pretty explicit.
Per the rules:
Comodo Internet Security calculates the hash of an executable at the point it attempts to load into memory. It then compares this hash with the list of known/recognized applications that are on the Comodo safe list. If the hash matches the one on record for the executable, then the application is safe. If no matching hash is found on the safe list, then the executable is ‘unrecognized’ and you will receive an alert.
If the checkbox is enabled, the restrictions are applied to the unrecogized app’s system resource access rights. If its unchecked no access right restrictrions are enforced. This setting is irrespective of sandboxing. If you enable sandboxing, the app will run in the virtualized environment according to its access rights.
In other words modification of protected files/registry keys should be allowed for unrecognized files. But on practice modification of protected files/registry keys is prevented by alerts of Defense+.
Seems like this option is in fact a Sandbox option. If its not then i’m puzzled because i see no difference if its enabled or disabled (when SB disabled permanently) :-\
I see your confusion. Yes it is a sandbox option. IEC tab now controls automatic sandboxing of unrecognised files if this box is ticked, and retains its original function in respect of all files if this box is unticked.
