The bug/issue
- What you did:
Got a pop-up from D+ for C:\Users\SirComo\AppData\Local\Google\Chrome\Application\10.0.648.114\gcswf32.dll that it wants to access the memory of chrome.exe
I allowed it and selected the remember option. The rule got created but the drive letter is not included in the path, only “\Users\SirComo\AppData\Local\Google\Chrome\Application\10.0.648.114\gcswf32.dll” is in the path. - What actually happened or you actually saw: The drive letter is dropped from the path in the rule. This is a problem because if I purge the rules, this rule is removed as the path is invalid.
- What you expected to happen or see: The drive letter must be part of the path
- How you tried to fix it & what happened:
- If its an application compatibility problem have you tried the application fixes here?:
- Details & exact version of any application (execpt CIS) involved with download link:
- Whether you can make the problem happen again, and if so exact steps to make it happen: Yes, it can be reproduced for other apps too, and .cmd script files.
- Any other information (eg your guess regarding the cause, with reasons):
Check .cmd files too, it happens for those too.
Even if I add the correct full path manually as a rule, D+ won’t use it, it still pops up an alert and creates a new rule with the path missing the drive letter.
Files appended. (Please zip unless screenshots).
- Screenshots illustrating the bug:
- Screenshots of related CIS event logs and the Defense+ Active Processes List:
- A CIS config report or file.
- Crash or freeze dump file:
Your set-up
- CIS version, AV database version & configuration used: 5.3.181415.1237
- a) Have you updated (without uninstall) from CIS 3 or 4: No, clean install
b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: - a) Have you imported a config from a previous version of CIS: No
b) if so, have U tried a standard config (without losing settings - if not please do)?: - Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): No
- Defense+, Sandbox, Firewall & AV security levels: D+= CleanPC , Sandbox= Off, Firewall = Safe, AV = Off
- OS version, service pack, number of bits, UAC setting, & account type: Win7 Pro x64 SP1, UAC elevate without prompt, admin account
- Other security and utility software installed: MSE AV
- Virtual machine used (Please do NOT use Virtual box): No