Auto Sandbox protects from Malwares. Sometimes with Auto Sandbox popup, D+ Popups like COM & Protected Registry also appears. So suppose a malware file is auto sandboxed & the user gets the D+ popup COM or Protected Registry & the user allows the COM or Protected Registry D+ popup, Is the system still safe or can be infected now??
Thanxx
Naren
Then you will very likely get infected. Writing to the registry will more than likely allow the program to autostart with Windows f.e…
There is no registry ley popup.
There can be 2 D+ alerts only:
1- Protected COM 2- Global Hook
And these are shown only when D+ cant answer itself.
Technically I know nothing about what the COM interface is. But would, generally speaking, allowing COM interface access by malware infect your system?
Yes. Both of them can lead infection. Global hook is more severe.
and blocking a legitimate application when the alert pops could limit it’s usability … :-TU that’s why the wording is so important in such alerts , and we have this in comodo :-TU
:comodorocks:
So in COM & Global Hook case if users allows them they will be infected even if the original file is autosandboxed.
Is it technically not possible to give no further popups if any file is autosandboxed??
Thanxx
Naren
allow me to clarify why it’s not a great idea.
first of all it’s technically possible , but remember we shouldn’t lose the usability as well as the protection.
a screen logger and a legitimate application which captures screen shots behave in the same manner, they will both install a hook . , If they are both unknown and new , how come any software will decide whether the file is malicious or not , because if the software automatically blocked such behavior then , you will limit the usability of the software , in fact , you will make it useless . Therefore , an alert is a necessity in this case.
I hope that enlightens ya a bit
Got it. Thanxx for the info. So these things are little hurdles for average users. First when I use to get these COM & Hook popups I also use to allow them thinking some system things or if I block them the apps will not function properly. But now I am little familiar with these types of popups.
Thanxx
Naren
anytime 