i installed CFP 3.5 and i have 2 little questions :
1°) I had an alert for SVCHOST , what should i do : “trusted application” or “outgoing only”?
2°) I have many alert notifications for Boclean, i marked it as “trusted” but it keeps beeing blocked by D+. What shoiuld i do ?
i removed boclean entry in d+, but i didn’t understand what i should do next ? (:SHY) when the rule will be re-created do i have to “treat is as installer”. (boclean is allready installed…)
the d+ blocks it and logs it when boclean trys to access “cfp.exe/ cfplog/cfpupdt”
how could I allow this ?
i tried this "The reason you are getting these alerts/notification
s about BOClean is due to BOClean doing its scan of anything which is using the memory.Defence+ does not like anything it doesn
t know about trying to scan/alter it so it will not let it. You can allow BOClean to be excempt from this thus avoiding the logs by adding the executables to Comodos protection setting exceptions list.
To do this From the main menu click Defence+/Advanced/Computer security policy/Now highlight the Comodo Firewall Pro entry and click “Edit”/Now click on “Protection settings”/In the new window click on “Modify” next to “Interprocess memory access”/Now “Add”/Running processes and double click on the 2 BOClean executables/APPLY to close all windows.
Was it the thing to do ?
To be perfectly honest, I think you can uninstall BOClean for now cvsa. It’s going to be in CIS in the future anyway. You won’t lose much protection when you uninstall it - CIS should be just fine.
will it be in cis even if you don’t install CAV (just firewall)? :THNK
Wouldn’t you wish to list svchost as"trusted" since you are sending it out to play?
My reason for asking:
Unless I misunderstand the process, svchost is required to run quite a bit of Windows services.
Nope svchost dose not need unsolicited inbound internet connections outbound only is all is needed there. otherwise anything could connect to svchost via inbound you would not want some malicious website or worse hacker connecting and affecting your pc right. best outbound only.
I am not sure how BOClean will be configured in CIS… We will see.
I did by “outbond only” but it generated blokings alerts with my second pc (private network) : svchost.exe direction “in” coming from the ip of my second pc. so i set it back to “trusted”