looking into Defence+ → View Active Process List I see that there are several Unknown applications run on my computer, but none is sandboxed (Sandbox level = Disabled). What’s up? Sandbox is enabled, Defence+ too. The OS is Windows XP SP3.
Though the documentation does not point it out (or at least I haven’t found in anywhere), the “Defence+ Settings → Execution Control Settings → Treat unrecognized files as …” checkbox must be checked. Enabling the sandbox itself is not sufficient.
On the other hand, it does not seem necessary to have the Image Execution Control enabled.