1. What is the point of the "resource access" settings? Other than, deny, write only, and the allow settings, isn't everything read only anyway? 2. What entries do I need to add in order to beef up my security. What entries do you guys use for these settings? 3. When running a sandboxed browser, how do you guys scan a file you just downloaded? I think my options are: -1. Open NON SANDBOXED explorer.exe and scan using NON SANDBOXED HitmanPro and VirusTotal Uploader -2. Open sandboxed explorer.exe and scan using sandboxed HitmanPro -3. Open sandboxed explorer.exe and scan using sandboxed HitmanPro and sandboxed VirusTotal Uploader in sandboxed Browser The difference between choice 2 and 3 is whether I want to allow Firefox in my "File explorer and scanner" sandbox. If I do allow FF, I might as well just allow VirusTotal Uploader in my "Internet Browsing" sandbox. What do you guys think? Am I good with just HMP or should I use VirusTotal as well? 4. Does accessing the C:\Sandbox folder with an un sandboxed explorer pose any security risk? Say I wanted to scan my downloads in that folder with the context menu entry for HitmanPro, if I navigate to the file in this folder and scan it with HMP unsandboxed, can bad things happen?