Sorry for the title but I don’t know what to write.
I use W7 and newest Comodo & D+
I tried to download a new world of warcraft patch (~1,6GB) with utorrent into a folder, that is encrypted with truecrypt. Normally I have no problems using torrents into this folder but since this torrent, CIS behaves strange - unfortunately I didn’t test other torrents.
This is what happens:
D+ shows the warning that utorrent wants to modify the downloaded .exe
I click allow
Few minutes later, D+ asks again → I allow
I disabled D+
Few minutes later, same warning message (every few minutes…)
I closed utorrent → warnings still coming every few minutes (see screenshot)
cmdagent.exe tries to open - over 100x times per second - this file, and thus my system process (with truecrypt driver) takes 50% cpu all the time (not here in this screen - task manager is there, to show that utorrent isn’t running)
Now ten minutes after closing utorrent, everything seems normal again.
First of all uTorrent is not being recognised as a safe application. Did you recently update uTorrent to the latest version (v2.0)?
Second. Disabling D+ works best when setting CIS to “Deactivate the Defense + permanently requires a reboot” (Defense + → Advanced → Defense + Settings).
No I use 1.8.5 and didn’t update in the last weeks.
But anyway; when choosing ‘disabled’ in the tray icon from D+ it normally doesn’t show anymore warnings - here it does.
And it does not explain, why cmdagent.exe tries to read several hundred times/second this specific file.
To be sure D+ is fully disabled you will have to use the route I described in my previous post.
Did you recently change your configuration from Internet Security to Proactive? That could explain why it gets logged now.
I am not sure about the interaction with Truecrypt. I know that Truecrypt protected drives are seen as mounted drives and like USB disks and sticks and network attached drives not regarded as safe by design. So I am wondering if that would also apply to a protected folder as well. :THNK
