2.What does it do?
(1) It created a .sys file on the root of the disk.
(2) It loaded the driver.
(3) The .sys file is a copy of “vga.sys” trusted by CIS.
(1)partially limited and HIPS
2013-01-29 13:40:15 C:\virus\killhips\killhips.exe Sandboxed As Partially Limited
2013-01-29 13:40:18 C:\virus\killhips\killhips.exe Modify File C:\22222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222321.sys
The .sys file was installed successfully.
(2) limited, restricted, untrusted
(3) fully virtualized
The registry key remained in the real system.
Windows XP Pro SP3 32bit
Thanks a lot for reporting. Can you also send me the sample for a quick check?
The root of the disk is not protected by CIS.
Thank you egemen Can wait the new release(that will fix network issue, I believe is this week)
ITs fixed as well. Its ont related to release. So current 6.1 already has all the issues addressed.
Ok that’s great then. :■■■■
Is the root now a protected folder?
Thanks egemen. Comodo is always acting quickly when bug of this impact happens.
Is the problem in Boot up extremely slow after CIS 2013 v6.1 update related to the problem with the networking problem or is this a different problem? Ronny’s comment suggests it may be:
It is not what this issue is about. It is an XP only bug.
]Boot up extremely slow after CIS 2013 v6.1 update[/url] related to the problem with the networking problem or is this a different problem? Ronny's comment suggests it may be:
It will be fixed with an update next week. Some binary updates are now like antivirus updates i.e. will be updated frequently. This issue will be resolved with next update i.e. before May.