About the protected registry keys and the protected files

I double-clicked on the malware.

Then, I rebooted the system.

2011-11-13 23:52:29 C:\Documents and Settings\Roger\桌面\virus\lll3-6\lll3-6.exe Modify Key HKLM\SOFTWARE\Classes\exefile\DefaultIcon\

Please add one rule to the protected registry keys:
\SOFTWARE\Classes*file\DefaultIcon

FVS report:
https://valkyrie.comodo.com/Result.html?sha1=d1becbe74b7a0d2bb2ac17cda9f7ff2d34e5b33a&&query=1&&filename=lll3—6.exe

CIMA report:
http://camas.comodo.com/cgi-bin/submit?file=d1653588f32aa6f9c210ef6c30da8c40992d5e1e912869e2433b2b81971de314

From the above report, we can see that it can delete everything on the local drive.

Please add a function to the auto-sandbox:
"The sandboxed applications cannot delete existing files and folders on the local drive."
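As an added example (not code from this thread and not Comodo's own implementation), the following Python script runs CIS-style registry-event log lines such as the one quoted above against a protected-registry-key rule written in the wildcard form requested in this post. The wildcard semantics used here (`*` spanning backslashes, a rule with no hive prefix matching under any hive, case and a trailing backslash ignored) are assumptions, not documented CIS behaviour. The second rule covering `shell\open\command`, and the log lines other than the first, are constructed for illustration and are not taken from the thread.

```python
"""
Added example: match CIS-style "Modify Key" log events against protected
registry key rules written with the wildcard syntax used in the thread.

Assumed rule semantics (not documented on the page):
  - '*' matches any run of characters, including backslashes
  - a rule that starts with '\' carries no hive and matches under any hive
  - matching is case-insensitive and ignores a trailing backslash
"""
import re
from typing import Dict, List, Optional, Tuple

# The rule requested in the thread.
THREAD_RULE = r"\SOFTWARE\Classes*file\DefaultIcon"
# Added here as an assumption: a companion rule for the file-association
# command, which the thread does not propose.
EXTRA_RULE = r"\SOFTWARE\Classes*file\shell\open\command"

# Constructed sample log. The first line is the event quoted in the thread;
# the remaining lines are made up here to exercise the matcher.
SAMPLE_LOG = [
    r"2011-11-13 23:52:29 C:\Documents and Settings\Roger\桌面\virus\lll3-6\lll3-6.exe "
    r"Modify Key HKLM\SOFTWARE\Classes\exefile\DefaultIcon" "\\",
    r"2011-11-13 23:52:30 C:\Documents and Settings\Roger\桌面\virus\lll3-6\lll3-6.exe "
    r"Modify Key HKLM\SOFTWARE\Classes\msifile\DefaultIcon" "\\",
    r"2011-11-13 23:52:31 C:\Documents and Settings\Roger\桌面\virus\lll3-6\lll3-6.exe "
    r"Modify Key HKCU\Software\Classes\exefile\shell\open\command",
    r"2011-11-13 23:53:02 C:\WINDOWS\explorer.exe "
    r"Modify Key HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders",
]

# "<date> <time> <process path> <Action> Key <registry key>"; the process
# path may contain spaces, so it is matched lazily up to " <Action> Key HK".
EVENT_RE = re.compile(r"^(\S+ \S+) (.+?) (\w+) Key (HK.+)$")


def compile_rule(rule: str) -> re.Pattern:
    """Translate a wildcard rule into an anchored, case-insensitive regex."""
    rule = rule.rstrip("\\")
    body = ".*".join(re.escape(part) for part in rule.split("*"))
    # A hive-less rule (leading '\') may be preceded by any hive path.
    prefix = "^.*?" if rule.startswith("\\") else "^"
    return re.compile(prefix + body + r"\\*$", re.IGNORECASE)


def parse_event(line: str) -> Optional[Dict[str, str]]:
    """Split one log line into its fields; None if it is not a key event."""
    m = EVENT_RE.match(line.strip())
    if not m:
        return None
    ts, proc, action, key = m.groups()
    return {"time": ts, "process": proc, "action": action, "key": key}


def find_violations(lines: List[str], rules: List[str]) -> List[Tuple[str, str, str]]:
    """Return (process, key, rule) for every event hitting a protected key."""
    compiled = [(rule, compile_rule(rule)) for rule in rules]
    hits: List[Tuple[str, str, str]] = []
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue
        for rule, rx in compiled:
            if rx.match(ev["key"]):
                hits.append((ev["process"], ev["key"], rule))
                break  # one verdict per event is enough
    return hits


if __name__ == "__main__":
    for proc, key, rule in find_violations(SAMPLE_LOG, [THREAD_RULE, EXTRA_RULE]):
        print(f"BLOCK {proc} -> {key}  (rule: {rule})")
```

With only the thread's rule loaded, the `exefile` and `msifile` DefaultIcon events are caught but the `shell\open\command` change is not; adding the second rule covers that case as well, which is why it is shown alongside.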

No, it cannot delete protected files. Extending this protection to the degree you suggest would mean that many sandboxed files could not function.

As I understand it, version 6’s virtualisation will extend this protection without this problem, as files created other than by the app itself will be protected.

I see that icons are changed for the files present in Comodo folder. Isn’t it supposed to protect the protected files/folder from any kind of alteration?

Thanks,
Harsha.

This one is about protected registry keys, not protected files.


2011-11-13 23:52:29 C:\Documents and Settings\Roger\桌面\virus\lll3-6\lll3-6.exe Modify Key HKLM\SOFTWARE\Classes\exefile\DefaultIcon\

Although it’s just a cosmetic issue, I agree that this area should be protected.
Thanks for sharing the sample.

Tested this malware with CIS 5.9 on Win7 x64 with proactive settings, antivirus and cloud scanner disabled.
There were two alerts when the malware was executed: Sandbox / Allow / Block.
When Sandbox was selected, the malware executed so many cmd.exe processes that the computer became unusable and hung,
so I manually restarted.
After the restart, all the files including .exe and .msi were modified in such a way that everything, including files on other drives, opened in Notepad. Even CIS was modified and I was unable to start it; it only executed in Notepad.
However, Windows Defender was able to run when manually started through Control Panel, but was useless against the malware.
Tried to start the computer in Safe Mode but failed.
Tried to repair the system in any way possible but failed.
Tried to repair using the Windows installation disk but failed.
The only solution was to format the computer.

Hopefully the file was submitted to egemen before testing, and I hope he finds the solution.

I think the 5.9 release will have to wait for some more time.
Anyway, 5.9 passed all the other viruses and tests that were used against it.

According to egemen the problem is now fixed and CIS 5.9 can now protect against such malware.

This malware can delete all files in the local drive.

Did CIS v5.9 block it?

This is the result with 5.9, which I am using.

After egemen tested it, he added some registry keys to protected files and folders; he claims that now CIS 5.9 will be able to block it.
Cannot confirm since he did not test the fix on my PC.