Unable to access %temp%\aaaaaaaa.DLL

[TekBear]

I have been getting an error about 50% of the time I start up GMinder. GMinder fails with the error message below in the attached images. The event log entries are:

• Event ID: 1026
• Event ID: 5000

See details http://pastebin.com/GW6K9YXU

I get a blank window, and the same type of message when I attempt to exit GMinder (see attached), so I have to kill the process and restart it. I think this a race condition with some random DLL that is being created by GMinder in %TEMP%\aaaaaa.DLL where aaaaaaaa is a random string and the virus scanner looking at when Gminder tries to delete it.

I just installed Avast anti-virus 2016 free version about the time this started. I made some changes to fix another DLL related problem on my machine which was solved by clearingthe value of key HKLM...\CodeBaseSearchPath in the registry. Could this be related?

I found a workaround which stops the Gminder startup error occurring by adding an exception rule in the Avast "file system shield" exclusion list for "%TEMP%*.DLL" so now any DLL created in %TEMP% will not be scanned. The problem went away but this opens a possible CVE. It makes it hard to write a explicit exception rule because the DLL changes on every error message. I will follow this up with Avast support if there is another way to do it.

Could you tell me why does GMinder make these %TEMP%\aaaaaaaa.DLL using random names it may help me better understand the problem. Is it a strange behaviour or is this a normal dot net behaviour? Is there any flexibility in the way this works?

Platform: XP PRO SP3 + Dot Net 4.0.30319 + GMinder 1.4.0.3

[milowg]

This appears to be coming from the XmlSerializer class that GMinder uses to load/save settings. See: https://social.msdn.microsoft.com/Forums/en-US/bdc2d75e-8f08-4f64-bfa2-3be32b509a74/wierd-dll-file-issue-in-net-app?forum=csharpgeneral

There is a way to change this directory to somewhere else, perhaps I can add that feature.

[TekBear]

Ok Gil a specific folder eg %TEMP%\gminder or somewhere in %APPDATA% would be better so I can write an Avast file exception rule specific to that folder.

Thank you for that article link. If I understand it correctly other Dot Net applications (although I have none currently) could do the same thing, so if I change:

• "%WINDIR%\Microsoft.Net\Framework\v2.*\Config\machine.config"
  or
• "%WINDIR%\Microsoft.Net\Framework\v4.0.30319\Config\machine.config"
  or
• "c:\Program Files\GMinder\GMinder.exe.config"

I tested this and was successful changing only GMinder.exe.config adding:

<system.xml.serialization>
<xmlSerializer tempFilesLocation="<C:\\TEMP\\dot-net"/>
</system.xml.serialization>

Within <configuration> node and just before <startup> node in config file. You have to give it an explicit path and use double backquotes (not C:\temp\dot-net)

Then I changed Avast "filesystem shield". Go into customise and exclusion section. Add entry to exclude file scan on "write" of "C:\TEMP\dot-net*.dll" files.

[updated Aug 20, 2016 as last avast update started causing the issue to reappear]

[milowg]

Yes that's certainly worth a try and is a good stop gap until I can change the temp file in the code. Nice find!

[milowg]

Setting this XML file seems to be the only way to fix this issue.