CIS 10.0.1.6223
windows 10 x64
I was trying to test an .exe file, but it would not open in container/ or virtual run.
Eventually I took the risk and opened it normally, it was working fine.
Is anything wrong with the new version?
this is the file h**ps://www.dropbox.com/s/edqzdg15x5oadbl/Starting_Air_System.zip?dl=0
That file is detected by Comodo AV on VT as Heur.Suspicous, so the file will be blocked by default from running.
I did add it to exclusions and then tried to run it in container…
Its a malware that drops a dll into the windows directory and tries to inject into running processes and also attempts to get direct keyboard access and then self-terminates when its done or when it can’t carry out all of its infection routines.
Edit: You can get a general idea of what it does in the container by viewing the HIPS event logs after you manually run application in containment via run in comodo container context-menu.
thank you for your reply, that explains why it wouldnt open.
It would be a good idea to have a message from the antivirus informing the user that the file has self-terminated or something…not doing absolutely nothing isn’t that helpful.
It’s a false-positive. Detection should be fixed now.
In general, some applications self-exit when input access is insufficient. You get similar results when you contain on-screen keyboard (osk.exe) and such apps. Compatibility of contained applications is not guaranteed.
Thank you for your comment, it is a useful thing to know.