A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.
Can U reproduce the problem & if so how reliably?:Yes, 100%
If U can, exact steps to reproduce. If not, exactly what U did & what happened: Open or run any executable with an already defined HIPS rule like: C:\Users*\blah\blah\something.exe
If not obvious, what U expected to happen: I expected not to be asked again for permissions by HIPS for an already defined rule. This does not happen with 5.12
If a software compatibility problem have U tried the conflict FAQ?: not a compatibility problem.
Any software except CIS/OS involved? If so - name, & exact version: nope.
Any other information, eg your guess at the cause, how U tried to fix it etc: Remove wildcard from rule.
Always attach - Diagnostics file, Watch Activity process list, dump if freeze/crash. (If complex - CIS logs & config, screenshots, video, zipped program - not m’ware)
[/ol]
B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
[ol]- Exact CIS version & configuration: Comodo Internet Security 6.2.285401.2860
Have U made any other changes to the default config? (egs here.): No
Have U updated (without uninstall) from a CIS 5?: No
[li]if so, have U tried a a clean reinstall - if not please do?: Yes, clean install
[/li]- Have U imported a config from a previous version of CIS: Nope.
[li]if so, have U tried a standard config - if not please do: Yes.
[/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used: Windows XP, SP 3, 32bit, Administrator.
Other security/s’box software a) currently installed b) installed since OS: a= Avast free b= Avast free
[/ol]
However, can you please attach both the diagnostics report and the Process List. As it’s possible that this issue is specific to certain computers it is very important that both are attached so that if something of that sort does occur the devs can still ascertain where the problem is and therefore how to fix it. I hope you understand.
Open the main GUI, click on the question mark, go to support,and select diagnostics. It will run the diagnostics and provide you with the option to create a report.
Then, go to the tasks side of the GUI and go to the Advanced Tasks section. Then, open KillSwitch by selecting “Watch Activity”, click the menu called KillSwitch, and select “Save Current View”. Then put it in a zip file and attach it to your first post.
Actually, now that I look at this again, shouldn’t this be expected behavior? If you don’t define a part of the path in the middle how can it have any idea where to go afterwards?
What happens if the rest of the path after the ‘*’ is blank? Do you still receive an alert, or does it work accordingly?
I have setup a few rules like these with 5.12 so i don´t have to setup a rule for each user and they work correctly.
It would match anything inside the Users folder, including non-executable files, but currently it does not. I still receive an alert. A rule like C:\Users[i]*[/i] would match:
Okay, as it worked in a previous version, but not with V6, I believe that it may be a bug. Thus, I will forward this to the devs.
Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.
Developers may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.
The bug is still present with version 6.3.294583.2937, however it does not affect every pc. Some of these pc are fresh version 6 installs, others are 5.x upgrades.
