According to D+ it has blocked 22 attempts but when I check them they are boclean & cleanmem. When I run cleanmem manually & view it in task manager it appears to be doing its job boclean also updates the icon flashes. So are they being blocked or is this a bug?
Hello Stuartm,
By Blocked are you referring to that the application is trying to access the memory of cfp.exe ?
Hi It appears to be boclean action is access memory target is cpf same applies to cleanmem. Also explorer.exe was flagged as the same. Coul;d you also explain why in clean pc mode acer recovery file is pending I put in my safe files then reboot it goes to pending again? Thanks
For programs you trust you can do the following, open D+ policy go to “Comodo internet security” open protection settings, “interprocess memory access” and add the executables you trust. You can Add BoClean but i would not add explorer.exe because that’s always running the risk of becoming infected.
What does it detect for it’s location of that file ?
The recovery file has changed, perhaps?. Every change would be considered a new or different file. I never did like Acer, so I can’t answer why it would change.
As far as memory sharing violations, try this:
Select Defense+/Advanced/Computer Security Policy.
Scroll down to Comodo Internet Security, select Edit/Protection Settings.
Interprocess memory Access (Active Yes) select Modify/Add/Running processes.
Scroll down to locate the application. Click it and click “Select”.
Then just “Apply” to each window as you exit.
Don’t know about eplorer.exe as I reinstalled cis & it doesn’t flag it also looks like boclean & cleanmem aren’t being flagged either but I will keep an eye on it.
Done the edit don’t know if boclean being flagged yet but cleanmem is! If I run cleanmem manually & watch task manager it does look like its doing the job in which case why would it be logged as blocked?
CIS (D+) is logging when the application attempts to use the same memory as it is (memory sharing issue). The program will run, just not in the same memory space as CIS. This is simply an attempt to use the same memory space as CIS. The solution I gave above will disable logging those requests for the application you select (only).
Some malware will attempt to steal memory so this is a good indicator of something going on.
Since your application is valid, simply remove the logging of memory share attempts for that particular application will resolve your issue.
I have had this with 4 of my own applications. You are safe and the applications will work properly.
It doesn’t stop the logging of cleanmem which I can live with as long as the product is working. Just put cleanmem schtask.exe through what you said & it never got flagged.
Just a little thankyou to the above both processes no longer being flagged.