Hi, I’ve been using Comodo D+ for many years now and there is one thing that has been annoying me greatly ever since:
A program does a memory access to “System” - whatever that is supposed to be - and in doing so, the whole system freezes. Mouse freezes, clock freezes and thus no Comodo warning popus up. This memory access is repeated a few times, so I have to wait like 1-2 minutes until I can use the PC again.
- What causes this, and what is this “System” process?
- How can I prevent this?
- If there is no good way, how do I remove the protection on the “System” process for memory access. I do not want to allow it separately for every process, I know I can do that, but that is not what I need.
When HIPS starts firing SYSTEM pop-up alerts at you (normally it should not do that at all) then most likely your D+ / HIPS rules got deleted or corrupted by a known bug.
Importing a clean CIS configuration file resolves this behavior but you will lose all your settings and your own created rules.
It is a nasty bug unfortunately.
What is this known bug?
Perhaps I can export all my config, and remove the bug there, then import it as a new ruleset?
I’ve had my config corrupted twice during a system crash/freeze but been able to restore a previous backup and continue with that.
Thank you for reporting.
May i know your cis version and HIPS setting whether it is in safemode/paranoidmode/traningmode ?
126.96.36.19912 @ Windows 7.
I only run Paranoid Mode.
I cannot really reproduce it. It just happens from time to time when starting some software mostly. But I can start a program several times without issues and then it happens some other time.
Thank you for providing the requested information.
We will check and report this to the team.
For the time being set hips to safemode and use CIS.
(Running this version due to the issues you had with HyperV Virtual Switch/WSL/Ramdisks.)