A. THE BUG/ISSUE (Varies from issue to issue) 1. What actually happened or U actually saw: Excluded path wildcards in AV don’t effect sub-directories 2. If not obvious, what U expected to happen or see: Don’t detect files in sub-directories of white-listed folder. 3. Can U reproduce the problem & if so how reliably?: Will wait problem to repeate… 4. If you can, precise steps to reproduce it. If not say what you did before it happened: Add path to exclusions; wait for random detection (for me that happens twice due boot-scan) 5. If a software compatibility problem have U tried the conflict FAQ?: - 6. Any software except CIS/OS involved? If so give name, exact version, & download link: No 7. Any other information, eg your guess at the cause, how U tried to fix it etc: - 8. Always attach: Diagnostics file, Killswitch processes, dump (if freeze/crash). If complex: CIS logs & config, screenshots, video.: Screenshot with detection pop-up and settings in attachment.
B. YOUR SETUP (Likely the same from issue to issue, users can copy forward) 1. CIS version & configuration: CIS 6.0.260739.2674 2. Modules enabled & level. Defense+/HIPS, Autosandbox/BBlocker, Firewall, & AV: Default + HIPS + enh. prot. 3. Have U updated (without uninstall) from a previous version of CIS: No. Clean install on almost clean OS 4. Have U imported a config from a previous version of CIS: No 5. Have U made any other major changes to the default config? (egs here.): Enabled HIPS and enhanced protection 6. OS version, SP, 32/64 bit, UAC setting, account type, & virtual machine used: Windows 7 Sp1 x64, UAC enabled (default settings), administrative account, not in VM. 7. Other security & sandbox software a) currently installed b) installed since last OS install: Sandboxie 3.76
We would very much appreciate it if you would be kind enough to edit your report to put it in the standard format as this will make it much easier for the developers to diagnose and fix the problem.
The reasons we need all the information in the format, though they may not seem directly relevant to the issue are explained here.
If you are able to do this we will forward this post to the format verified board, where it is more likely to get looked at by developers. You can find assistance using red links in the format and here. If you need further help please ask a mod. If you do not add the information after a day or two we will forward this post to the non-format board. If this happens we will tell you how to rectify this if you wish to.
In the current process we will normally leave it up to you whether you want to make a report in standard format or not. However we may remind you if we think a bug of particular importance.
Thank you very much for your bug report in standard format. We very much appreciate the effort you have made to document this bug.
We are sorry to trouble you further but there are some items of information missing or unclear in your post:
A4. Exact steps which the devs can use to replicate the bug
The reasons we need these items of information, though they may not seem directly relevant to the issue are explained here.
We would be very grateful if you would add these items of information so we can forward this post to the format verified board, where it is more likely to get fixed. You can find assistance using red links in the Format and here. If you need further help please ask a mod. If you do not add the information after a week we will forward this post to the non-format board. If this happens we will tell you how to rectify this if you wish to.
In the current process we will normally leave it up to you whether you want to make a report which includes all necessary information or not. We may remind you if we think a bug of particular importance.
Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.
Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.
I think it’s because on the alert popup we see dos-name (8 char) instead and that’s what was probably passed to AV. Most likely if you’ve add “C:\metasp~1*” it would work for both (dos-name and long-name), but it’s an obvious glitch.