CIS blocks nero Express

Comodo Internet Security - CIS Defense+ / Sandbox Help - CIS
#1

Hi support team,

after installing CIS_3.12.111745 I cannot use Nero express anymore…

I’ve Nero 6 OEM Suite installed on my PC and using it without problems for months now.

The strange thing is, that all parts of the suite (Nerovision etc.) is still working fine - only express “dies” - independent of the security level set in Defense+ → defense alert shows up with "nero.exe tries to install a global hook DINPUT.DLL) , I click “allow”, → nothing happens afterwards…

I’ve deinstalled CIS completzely (which was a nightmare, thank’s to the detailled info in this forum…) - nero express worked again.

I reinstalled CIS - problem came back…

Any suggestions?

btw, XP Sp3 is installed

kind regards from germany

#2

Hi pedro2009,

Try to go to Defense+, Advanced, Computer Security Policy and search for Nero related entries. Remove these entries, apply the changes, then go to Common Tasks, My Own Safe Files and add the application to this list.

Regards,
Ionel

PS. I will move this topic to a proper section.

#3

Hi ionel,

thank you for the fast reply - I followed your instructions - but no change in the behavior of nero express
I even set defense settings to the lowest level (“off”) - still no change…

kind regards

Pedro

#4

Did you see any entry related to nero under

CIS-Defense±Common Tasks-View Defense+ Events?

If yes, try to add those under exceptions list at

CIS-Defense±Advanced-Image Execution Control Settings-General-Exclusions

Also, open

CIS-Defense±Advanced-Computer Security Policy

Double click on the entries related to Nero Express and select it as ‘Use a predefined security Policy’ - Trusted Application.

Try again.

#5

Good Morning,

no entry there - such an entry was always created before I (according your recom.) placed nero.exe into “my secure files” appliication area.

so - any more idea’s?

kind regards

Pedro

#6

Did you try the suggestions or just reporting back on your own assumptions? ‘Trusted Application’ status AFAIK gives the program all the powers, while a ‘safe file’ will give it permission to run in the windows environment but there will still be some restrictions like ‘protected registries’ etc.

I mean to say the rule for ‘my own safe file’ is not the same as a ‘trusted application’ IMHO. (I think there is no harm in trying !).

#7

Hi layman,

just to avoid confusion:

your proposal:

Did you see any entry related to nero under

CIS-Defense±Common Tasks-View Defense+ Events?

My answer:

NO!!!

Your proposal in case of “Yes”:

If yes, try to add those under exceptions list at

CIS-Defense±Advanced-Image Execution Control Settings-General-Exclusions

Also, open

CIS-Defense±Advanced-Computer Security Policy

Double click on the entries related to Nero Express and select it as ‘Use a predefined security Policy’ - Trusted Application.

Your proposal in case of “NO”:

none so far…

→ So , as there is no entry , I cannot allocated anything to it…:-))))

kind regards

Pedro

btw. a reboot didn’t help either…

#8

Oops. I thought I communicated you this way.

  1. If there is any entry under Defense+ events you may add those entries (executable) under exclusions list of defense+.

  2. You can tell CIS that this is a trusted application so that all the actions of nero are allowed by CIS. The better option for this is to delete the current entry under ‘computer security policy’ for nero related items and then run nero. When the alert comes, select the policy ‘trusted application’ and ‘remember action’ (if feel it).

It is pertinent to note that on some applications the first alert may not give the option ‘trusted applcation’ (but the second or third alert of CIS will definitely give that - this depends on how these are executed).

For most of the similar problems this solves the purpose.

So my English is very very poor !!!