Not Checked Auto allow all software from program files folders Auto allow specific critical windows processes Auto allow windows 8 metro store Temp allow by publisher signature until reactivate Auto allow by parent process Checked Do not whitelist items in the appdata Upon Reset Whitelist Taking Snapshot ~ what criteria does VS employ to populate the Snapshot. Is VS Training simply the unfettered whitelisting of running processes ? Why not log running processes ? So, that I may snaphot whitelist discrete from running processes. What makes a running process... a safe to allow process ?