Hello, I am the developer of Windows Media Player 11 Slipstreamer. This program is written in C# and seems to have uncovered a bug in Comodo.
My program uses .NET interop to make calls to cabinet.dll to decompress cab files, and according to MS SDK, when FDICopy calls the notification function I pass via .NET interop with fdintCLOSE_FILE_INFO, I try to set file attributes and creation times.
When Defense+ is active (on any level) I get exceptions in my event handler function (in random files but all are “executable” (*.exe *.sys *.dll *.ocx)) that the file is locked by another process.
I suspect a race condition because it occurs less frequently when PC is under load. Of course I am opening the file for write access (to set creation time).
I have tried:
- Adding app to safe list
- Turning off Image File Execution (was on Medium)
- Decreasing Defense+ level by level
- Permanent disable of Defense+ ← Fixes it.
There are no interactions in Defense+ Events with my program (and no alerts).
It was previously set on “Train with Safe Mode”.
My investigation:
- AMON + Defense+ + Firewall (Fails)
- AMON + Defense+ (Fails)
- Defense+ (Fails)
- Defense+ + Firewall (Fails)
- Firewall + AMON (works)
I am running NOD32 2.7.39 at the same time. Disabling AMON didn’t make any difference. I am investigating the issue more and will edit this post when I get more results…
If you want any more info I will be glad to assist where I can.