Rules for services.exe and rundll32.exe, and driver installation in Comodo v4

Hi. Several days ago I installed Comodo v4. In relation to this thread https://forums.comodo.com/news-announcements-feedback-cis/cfp-poor-pop-up-alerts-by-compared-with-other-hips-t44186.0.html and recommendations for setting rules for services.exe and rundll32.exe, I want to ask are these recommendations still valid in v4: For services.exe - Device drivers installation set to ask; Protected Registry Keys - Ask; Protected Files/Folders - Ask; [b]For rundll32.exe[/b] - all set to ask. With the following configuration of v4....828 Proactive Security, no Comodo antivirus, Sandbox disabled, Firewall custom, Defense+ safe mode, [b]on default[/b] after the install for services.exe I have all Process access rights on allow except for Run an executable and Protected registry Keys which are set to ask. After I set the Device Drivers installation on ask this rule is valid only until the next system restart, after which it is automatically reverted to allow. Rundll32.exe is not present at all in the Computer Security Policy list. I have the “Trust the applications digitally signed…” checked in Defense+ general settings.
In Pseudo COM Interfaces Privilegies there is no “LocalSecurityAuthority.LoadDriver”.

Win XP SP2, Comodo v4…828

Try moving the rule for services.exe to a place above Windows System Applications. It is under that rule and therefor it will follow the Windows System Applications rule (it is subordinate).

I`ve moved it above and also unchecked “Trust the applications digitally signed…” in Defense+ general settings. Again it switches back to “allow” with the next system restart.