Also please could you tell if if the orphaned ( ) process that is still being alerted is the program executable.
In theory that might be desirable - you would not want the executable running with full installer privs. Think whjat would happen if you were installing an explorer-substitute. All you files would suddently be run as trusted installers
Hello,
No its not the program executable. If you are installing an explorer hijacker and you have given it installer rights then thats your fault
I want it these rights for my IDEs and program launchers. I dont want to create rules for my own executables as I am .net/java/android/php programer/developer and it can get really annoying.
Furthermore, Iām not sure anymore if this happens as I reported previously or if is a bug or even both. When Iām at work i still get popups sometimes for child processes that are not orphaned.
Iām busy with work and real life problems. I will try to make a video tomorrow.
Sorry for the late response. āCloud lookupā and āTrust applications signed by trusted vendorsā should be disabled for true results. Let me give an example. Try 7stacks an app launcher and try to launch QuiteRSS an RSS feed reader. 7stacks just launches the app and then its terminated so You will get Defence+ alerts for QuiteRSS. So this happens ONLY when the installer(or the parent) process closes and Defence+ shows alerts for its child processes. If its indented to work this way then there is no bugs in CISā¦