Greetings,
HIPS pop-up alert mentioned that: OfficeClickToRun.exe located at C:\Program Files\Common Files\Microsoft shared\ClickToRun\Updates\16.0.19328.20158\ could not be recognized and suggests that “You must make sure the .exe is a safe application before allowing this request”. (Please see picture below).
Clicking on OfficeClickToRun.exe, in the HIPS pop-up alerts, opens another pop-up saying “Windows cannot find…” the file that HIPS blocked.
Since there is no temporary folder for unrecognized .exe, just like there is for scripts (C:\ProgramData\Comodo\Cis\tempscrpt), and that in this case, the .exe file would most likely be deleted without fulfilling all of its roles: could HIPS be updated to retrieve the SHA256 (or other hash of the file) of unrecognized files and check it against a database to help the user decide in such circumstances (and in a timely manner) whether the .exe file should be trusted?
Thanks for making COMODO CIS better,
Regards,
B
