[ol]- Attachment #1
- COMODO Firewall Beta 7.0.308911.4080
- Windows 8.1 x64 (Version 6.3.9600)
[li]HIPS to Paranoid Mode
- Cloud Lookup disabled
- Trust applications signed by trusted vendors - disabled
- Trust files installed by trusted installers - disabled
- Clean install. Clean configuration.
[li]Make sure that Viruscope is enabled.
- Run a program that may write to, close, then re-open a file with no file sharing options.
- cmdagent.exe opened the file when it was written to and closed… then the original program re-opened the file before cmdagent.exe could close it, causing a conflict with the original program’s lack of file sharing flags.
- It should be accounted for that programs may not create file handles that share access. cmdagent.exe should either suspend programs trying to access files it is scanning, or something else safer than immediately opening it.[/ol]
Attachment #2: Procmon log screenshot of normal operation. (Viruscope OFF)
Attachment #3: Procmon log screenshot of a failed operation. (Viruscope ON) (Tester application displays an exception)
Attachment #4: Tester program that cleanly shows the bug. (Requires .NET 4)
[attachment deleted by admin]