CIS is acting dumb again

CIS (.6938) is acting as moron again, added executable (of a game) to trusted files many times but still CIS virtualizes it. Normally adding once is enuf but this time no since CIS decided to be ■■■■ and delete added entry as soon as ok was pressed.

Submitted file (talesfrom*.exe).

don’t tell to update to latest version since lookslike it isn’t good enuf yet for autoupdate (other comp is still running version 2 updates ago.

Well CIS (latest) acts dumb again, after some effort (had to manually add it to filter list (easier than trying to find it on the list) and after nagging that it’s there already selecting Trusted) got 1 game to work after CIS always was virtualizing it’s exe even it was added to trusted file (in container and CIS saying in container that it’s trusted) but when I extracted game (different location) again CIS was dumb and was virtualizing it again and had to do same steps as earlier so game worked.

Would think that once it’s there it should work even on new location but alas no.

When starting an unknown application for the first time in a certain directory CIS runs it virtualized. After closing the unknown application and removing it from the “BLOCKED APPLICATIONS” list and changing its File Rating to Trusted and copying the application to another directory then CIS allows it to run normally, so not only in the directory in which it was started the first time as an unknown. That’s how it works on my end.

EDIT:

In other words: Once an application has File Rating Trusted it can be copied to any directory and be run from any directory without CIS interfering.

add containment ignore rule with FILE HASH

:P0l

started app, left it running so it doesn’t vanish from containment, added it to trusted (in containment), closed app and containment and started app and again contained and doing prev. again didn’t change anything until went to file ratings and manually adding it there (and clicking ok on nagging that it’s there already) and selected trusted but apparently it exists only for file in original directory where it was added to trusted list.

finding specific file which is blocked on filelist isn’t easy thing.

Trying to reproduce on my end…
What do you mean with “added it to trusted (in containment)”, did you add the application to the File List manually while it was running in containment (it should already be on the File List, no need to add it again) and set it to Trusted or do you mean something else?

Correct.

When an application gets contained consult the “BLOCKED APPLICATIONS” list to find the blocked application path and its name. After that you go into “File List” and click onto the magnifying glass on the right side of the “File path” header bar to open the search field and enter (part of) the application name in the search field. That way you can easily find the application on the File List and change the rating of the application.
There’s however no need to add the application by hand to the File List once the application has been run in containment, it should be on the File List already.

  1. when it was contained I opened container and right clicked file and selected Add to trusted files
  2. above works most of time except not this time since it kept ending contained aka app.exe (pathless or full path) Fully Virtualized Trusted
  3. yes it was on File list already but like said finding something there isn’t easy thing (even with toggling orders also see 4.) so re-added it (sorta since it was there already) and selected Trusted on window opened
  4. what maginifying glass where? unless you mean lookup then don’t see any there

See screenshot, click on that and enter (part of) the file name you want to search for in the File List in the search field that opens on left to it.
Try it, it’s a very useful and powerful search feature.

ah, i thought that does same as lookup.

Yeah both have that magnifying glass that’s confusing but they are two different things (one lookup feature and one search feature) as you already have found out. :slight_smile: