??? Hi chaps.I am getting a little confused as to which of the settings in the sandbox are the most secure, and the implications of that setting in comparison to the others in terms of usability ect.The settings i am talking about are the partially limited, Limited, restricted, untrusted and blocked in execution control settings.I have seen one or two posts on this subject but am still a bit unsure which setting will give me the greatest security, without compromising on usability.Perhaps one or two of my fellow Comodoites can clear this one up for me, and i will be very greatful.Oh, by the way its set at partially limited, default .
From what I’ve come to find untrusted is very secure. Blocked will allow nothing to run. So lets say you have a legit file that you might think is fishy. You can run it in untrusted and it will still run but won’t have access to alot of windows process. I’ve found that either restricted or untrusted worked the best. I had some live malware running (under virtual and sandboxie) and it ran but didn’t get very far. D+ log showed 1500+ intrusion attempts blocked. The malware kept trying to replicate and open cmd.exe. Of course it was on untrusted and it wasn’t allowed. I would feel more comfortable running untrusted or maybe even restricted. Hope this helps a little.
:-TU Thanks very much kjdemuth for the advice and i think i will go untrusted on this one.