lower setting allows ransomware to encrypt files.
what..?? allows?
The auto-sandbox in COMODO was introduced to lower the number of HIPS pop-ups and works by restricting the rights of executable files. The executable is not allowed to perform certain operations that can be harmful to the system. The Default level (Partially Limited) prevents modification of protected files/registry keys and the loading of drivers or the right to debug other applications. However some malware won't affect your system files but will encrypt your documents (for example in My Documents folder) and will demand a ransom to decrypt them (hence the name "ransom-ware"). It isn't a common way for malware to operate but it is possible and such malware is found in-the-wild.
A higher level (Restricted) will prevent this from happening.
The auto-sandbox affects all executables that are not known to COMODO (they are not digitally signed by a Trusted Vendor, they are not present inside the white-list, they are not known pieces of malware) so this means that some non-malicious executables can be auto-sandboxed as well. The Restricted level might prevent them from working properly. However, if you encounter this issue my advice is to make sure the file is not malicious by uploading it to VirusTotal, since COMODO's whitelist is pretty large at this point.
Check
How to Tell if a File is Malicious guide by Chiron (on techsupportalert).
The auto-sandbox in avast uses file and registry virtualization. The executable is allowed to access a virtualized copy of your resources (actual files and registry keys should not be affected). But only some executables are auto-sandboxed (so malware might get through) and some non-malicious apps might not work well inside this sandboxed environment. The on-demand sandbox in COMODO works the same way (you can access it from Defense+ > Run a program in the Sandbox)
To sum it up:
- If you are comfortable interpreting HIPS pop-ups (advanced): Disable sandbox in COMODO use avast's sandbox. Instead of auto-sandboxing the file, COMODO will show HIPS pop-ups. You are responsible for how you interpret and answer them.
- If you don't like many HIPS pop-ups (recommended to most users): Disable sandbox in avast, set COMODO's sandbox to Restricted.
- If you think the sandbox prevents a good application from running properly make sure the executable is not malicious by uploading it to Virus Total.
- Only if you are absolutely sure the application is not malware, run it again and click "Do not sandbox again".