Clean PC Mode Help

mathsman1968 · January 1, 2008, 9:43am

Hello All, I have my Defense+ set to Clean PC Mode and like it. I understand that any new executables introduced to my system will be monitored and controlled, and would just like to know if this also applies to current executables that get modified.

So if say some malware manages to inject some malicious code into explorer.exe, would Defense+ pick up this change next time explorer.exe runs.

Also do the new executables get treated with the train with safe mode policy?

Thanks in advance

Blas · January 1, 2008, 11:21am

If explorer has been compromised it is almost already late. With the ‘prevention’ concept behind cfp your first alert would be when the malware wants to run/execute. If you allow this your next alert(s) will be about the malware trying to modify explorer.exe. If the nasty manages to inject code into explorer.exe without cfp alerting you means 2 things

It is disabled or in training mode (learning everything)
Or its mechanism has been bypassed :-\

mathsman1968 · January 1, 2008, 11:50am

Cheers Blas