2 questions about defense+/sandbox

  1. If I disable hips, is there still any point “Enable enhanced protection mode” have active? (OS is 64 bit)

2.If I create new rule in sandbox like this (see attachment), how it will affect when write/burning on removable media-flash/dvd? also I noticed that it sandboxes only exe files, not wordpad and pdf which I think should be included in “all applications” rule!?

[attachment deleted by admin]

  1. I believe that HIPS cannot be full disabled anymore, i.e the inspect driver still injects into all programs memory, so it most likely still active, its just being very quiet.

  2. I believe that would only affect reading stuff from a removable drive.

Inspect driver should be guardxx.dll of course. Inspect is the packet filter driver of the network firewall.

I understood your point, well, driver maybe is on but when unchecked the box “Enable Hips” it should disable its functionality right?! and as “Enable enhanced protection mode” means additional host intrusion prevention (if I understand this correctly), then maybe it’s also disables with it?!

Reason I wrote this was because with new version of Comodo it appears that “Enhanced protection mode” interferes with one of my program-RealTemp, which I use to measure my cpu/gpu temperature. With “Enhanced protection mode” enabled it sees only one cpu core. In Comodo v7 such wasn’t happening.

Also any other suggestions on my second question please?! I’d not like to damage data on my drives if I put them in sandbox…

Thanks.