Hi, I am new and have been reading the forums a lot lately. I am a little confused about is the HIPS stuff. I have been reading about DefenseWall and trying to figure out exactly what the difference or advantages it would have over Comodo Defense+, which is also a HIPS? From what I can tell defense+ simply won't let anything run that isn't on a safe list i set or give permission to? But once I say ok or put it on the list, anything is fair game? DefenseWall you set what programs are allowed to make changes, and others are untrusted and any changes untrusted make are virtual and can cause no harm? Or am I totally off here? Also in regards to something like SBIE, which if I understand correct.. Anything you run inside it's sandbox is totally contained and can cause no harm while inside? Is anything inside the sandbox able to be scanned by the realtime protection?(even if it cant get out, would be nice to know if a site had something bad) Also in the case of SBIE, if I were to do all my browsing inside of that and I did want to save certain files that I felt were safe I see you can recover just those files. When doing so do you risk having anything else bad in the sandbox at the time out? Or is it truly just the file you allow out and everything else is still held bad to be cleared later? My current setup is: realtime:NOD32, Superantispyware Pro, Comodo firewall(custom policy mode) and Defense+ (SafeMode) granted I need to read up more on Defense+ to understand everything and use it properly still. On demand I have A-Squared free and MBAM Thanks, appreciate any help.