shmu26

Level 85
Verified
Trusted
Content Creator
So just to clarify, CFW once configured properly with CS settings will BLOCK any malicious file from executing, while if one chose to activate HIPS, would receive an alert or a multitude of alerts requiring action by the user?

When I mean block, I mean that one receives a Windows error message that the file cannot be executed or found.

I bring this up because I have found files in cfw Blocked Applications that were blocked by Containment but I received no alert by cfw other than a Windows error message upon opening the file. Test I used was the basic EICAR file.
CruelComodo will cause any unrecognized file to be automatically sandboxed in a secure way. You will not get a Windows error message, because the file executed, albeit in a sandboxed environment.
If you enable HIPS on top of that, nothing will change unless you allow the file to run outside of the sandbox. At that point, you will start getting HIPS prompts.

If you want unrecognized files to be totally blocked, that is what ComodoFix does.
 
Top