I was playing with the HitmanPro Alert Exploit Test Tool 64 bits.If the HIPS setting is enabled, it will block when the file is created.
In this tool there is a test with a blue icon called URLMon, the purpose of this test is to drop a dll file to the desktop.
When I run that test this happens:
1-The URLMon button is pressed
2-The Iexplorer 11 browser opens
3-The calculator opens
4-The dll file is downloaded to the desktop
But when the dll file is dropped to the desktop RO does not react, why can this be?