Does anyone know if it’s possible to have Modify File events show up in the Defense+ Events logs without the HIPS popup alert (prompting for Allow/Block/Treat as)?
I’m attempting to use HIPS to monitor changes made to certain files, but I don’t want to stop applications from making modification. Many of the applications are fully automated and a user isn’t present to click the popup.
As far as I can tell there isn’t a way to do this through the Comodo’s Advanced Settings. I’m not sure if there is a certain combination of registry settings that will accomplish this.
Add the files to the Blocked Files tab under HIPS > Protected Objects or modify the “All Applications” rule located in HIPS rules and edit the exclusions for Protected Files/Folders access right and choose blocked files/folders tab.
Thanks for the help futuretech. Unfortunately it doesn’t look like either option works for this. The former blocks access to the file, the latter does report that the file is modified in the Defense+ event logs (without a popup), but it doesn’t allow the file to be saved. If it allowed the file to be saved it would work perfectly.
The simple answer is no, not without blocking it.