Do you still need \Device\KsecDD in Comodo 6

For Comodo 5.12 etc., \Device\KsecDD and ?:* was needed to protect against Trojan.Win32 GPCODE do I require these in Comodo 6???

Method I:

  1. enable BB only
    2.The sandbox level is set as limited or the upper level.

Method II:
1.enable HIPS only
2.In the “Monitoring Settings”, the “direct disk access” is ticked.

Method III:
Run it as the restriction level, fully virtualized.

for example, run it in VK, right click sandboxing,…, etc.

Method 1 and 2. What if you have both HIPS and BB on ???

I had it set at fully virtualize but read on several forums that it should not be used and was introduced only because people kept asking for it, is that correct? I have since removed Comodo as I use Windows 8 pro which caused system to crash…

No problem, You are still protected.

Then, you must do the method I.

Virtualized environment always a risk that’s why. Something can always go wrong with stability. Also malware can bypass it (like with some virtual machines).

Why not have both? Or you mean 1st one is better in that case? BB is always enabled in all configurations right? When you switch to proactive one you also get HIPS enabled as well with BB already on?

If both hips and bb are on,

trusted application → blocked by HIPS

unknown process → blocked by BB

I see. Thanks. :slight_smile:

so if something escapes virtualization or restriction sandbox depending how the auto sandbox is set from bb then hips will catch it right