Defense+ is confused about the function of .tmp files with Locknote[Issue Report

The bug/issue

  1. What you did: Open Locknote 1.04 from Stegnos to add information

  2. What actually happened or you actually saw: Locknote creates a .tmp file and when you close the main file CIS D+ thinks that the temp file is an executable that is going to modify Locknote. As a result the changes to Locknote are lost when I attempt to save them. After much fiddling I got it to accept the Locknote .tmp file but then it warned me every time I use Locknote that an unknown file is modifying Locknote when all that is happening is that the .tmp file is being encrypted and closing the Locknote executable.

  3. What you expected to happen or see: To know that a temp file created by a program is not an executable and allow me to close Locknote with it having saved the changes. This is what used to happen before the latest update to CIS.

  4. How you tried to fix it & what happened: Added the Locknote .tmp file to the Trusted files list and now get no more warnings but I am concerned that this will allow a potentially malicious tmp file to be allowed to execute.

  5. If its an application compatibility problem have you tried the application fixes here?: Haven’t seen any fixes here.

  6. Details & exact version of any application (execpt CIS) involved with download link:

Download: Steganos LockNote download | Version 1.05

  1. Whether you can make the problem happen again, and if so exact steps to make it happen: Haven’t tried but removing the temp files from the “Safe” application list would probably recreate the issue.

  2. Any other information (eg your guess regarding the cause, with reasons): Something changed between version CIS 5.4.189822.1355, Virus Database 9093 and a previous version - not sure which it was.

Your set-up

  1. CIS version, AV database version & configuration used: CIS 5.4.189822.1355, Virus Database 9093

  2. a) Have you updated (without uninstall) from CIS 3 or 4: No

    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:

  3. a) Have you imported a config from a previous version of CIS: No
    b) if so, have U tried a standard config (without losing settings - if not please do)?:

  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): No

  5. Defense+, Sandbox, Firewall & AV security levels: D+= Safe Mode, Sandbox=(Don’t know where to find this) , Firewall = Stateful, AV = Stateful

  6. OS version, service pack, number of bits, UAC setting, & account type: XP SP3 bits ? (where does one find this?) UAC not on XP I think, Account type: Administrator

  7. Other security and utility software installed: Spybot Search & Destroy Resident, WinPratrol Scotty

Thank you for your Issue report.

Moved to verified.

Thank you