Yes, Ken, you’re in luck.
I’ve extracted the VS log entries covering the period during which I did the installations. Weirdly, I could find only one entry saying ‘User Allowed’, for that would be one where I responded to the prompt. There should have been one for each installation. I’ve saved the list as a txt file, which I’d be happy to send you so you get a better idea of what VS was up to, but here’s the one User Allowed entry:
22/05/2020 20:24 User Allowed gwdrvins.cmd c:\users\philip\appdata\local\temp\nsz935a.tmp\gwdrvins.cmd 0 55 37a1cc07dea0aa1367f5ee44aa41c80ad6c6b82069e6c89ffa18c215059dd4c5 c:\windows\system32\cmd.exe /c ""c:\users\philip\appdata\local\temp\nsz935a.tmp\gwdrvins.cmd" -i "c:\program files (x86)\security\glasswire\driver\x64"" 1385 glasswiresetup-2.1.167.exe e:\downloads\glasswiresetup-2.1.167.exe Philip
– And yes, that is from when I reverted back to the earlier GW version, but it does highlight a significant point.
I should explain that it’s highly problematical behaviour of various installation programs to run programs or scripts from uniquely-named folders or files, because they can’t be whitelisted, and are thus a problem for security software to recognise as safe.
I’d run into that issue with other program installers and indeed had a really nice exchange with Dan, the VS developer, who explained the problem, and how with VS this could be worked around by creating a rule to make an exception for the particular Temp folder. I set that up and found that I could still choose to have a choice of conditions applied to that exception to make it as safe as possible - the one condition that I had to leave disabled being ‘if it is digitally signed’. I think if I disabled one or more of the other conditions there would be no issue from GW installer - but I’d rather keep most of the conditions if possible for safety, and rather just remember to temporarily turn off VS (a simple left-click on tray icon) immediately before running the installer of any program I trust.
But more generally, I’d seriously recommend to ANY software developer to understand the problem they create for users of some AV / AM programs by creating temporary scripts / exes in uniquely named folders or/and with unique filenames. They need to make it as simple as possible for all their installation programs and scripts to be easily whitelistable.
That’s my million-dollars’ worth for the moment!