defense+ suppress alerts

Is the option to suppress defense+ safe against actual malware?

The defense+ setting called “Do not show popup alerts” will do an excellent job at stopping malware if you set it to block requests. The downside is that some of your safe files unknown by comodo will be blocked and it will be more difficult to unblock them. I choose to uncheck the “Do not show popup alerts” option for this reason.

Does it always block files unknown to comodo? Which settings are best for inexperieced users?

Yes. In CIS an unrecognized file is one comodo doesn’t have whitelisted and I think a file could also be unrecognized if the vendor in the file’s certificate isn’t on the trusted vendors list.

It’s hard to tell if you should uncheck this option and deal with alerts from CIS. You can try answering the popups for a short time and see if you can tell which files should be trusted. Always be prepared to click block unless you are 100% sure the file came from a very trustworthy source.

I think the blocked files will be there in Computer Security Policy, right?

Thanxx
Naren

more info are to be found here :
https://forums.comodo.com/defense-sandbox-faq-cis/alert-reducing-settings-in-cis-why-how-when-to-use-v58-t76410.0.html;msg547632#msg547632