Major bug in Defence+ protection?

On my system I am consistently able to reproduce a bug as follows:

I put Defence+ in paranoid mode. Explorer.exe is not having a trsuted policy( it has a custom policy to intercet every executable launched by explorer.exe).

I run an executable xyz.exe. I get an alert Explorer.exe trying to execute xyz.exe. I allow it without selecting the “remember this” oprtion. I deny all other actions of xyz.exe( like getting some privilages, accessing other applications in memeory etc). After that I shut down xyz.exe.

Now I launch xyz.exe again. There is no rule in Defence+ about xyz.exe but it is allowed to execute without any pop up from Defence+. Totally unexpected for me!!

I am not sure if it,s a bug or just my system. I am using Eaz-Fix as an instant recovery software and that might be a source of some conflict and hence causing this problem but seems unlikely as I don,t find same bug in previous build of CFP.

Can anyone confirm this? Thanks

Greetings!

This is a normal behaviour for Defense+. Explorer.exe will have permission to execute xyz.exe until explorer.exe is restarted, or your machine is rebooted.

Cheers,
Ragwing

But according to my testing, this was not like this in previous build of CFP? Am i right?
How can I change it to ask each time?

Thanks

It’s been like this since the early alpha builds I guess. Also, I’m 99& sure there’s not a setting for this, but it might be added in the future.

Cheers,
Ragwing

As far as I remember, it was so in alpha version, but in last beta build the beahvior was not like this. I used to get alert each time on execution.

Not sure why they changed it agian with current build. I really don,t feel comfortable with it. I wonder why CFP doesn,t give options like other HIPS:

Allow once
Allow for session

etc etc

I am happy that they have changed this behaviour in the latest update. That,s OK now!