Defense+ blocking BOClean

Boffinboy · December 27, 2008, 7:54pm

Hi there, I recently installed BOClean, followed by COMODO firewall (with defense +). Defense+ seems to have blocked several actions by BOClean file BOC427.exe. Presumably this will interefre with BOClean’s functionality? Should I add the file to the Defense+ security policy as a trusted application? What about other BOClean files? This would still be a problematic workaround as any update to BOClean would require me to manually update the Defense+ policies. Any help/advice would be appreciated - Boffinboy

Dennis2 · December 27, 2008, 8:17pm

Welcome to the forum Boffinboy
When say blocked do you mean BOC427.exe is trying to access memory of CPF3/CIS.
Dennis

Boffinboy · December 27, 2008, 11:27pm

Hi Dennis, thanks for the welcome! Yep, I am referring to the ‘blocked suspicious attempts’ log which lists blocked attemps by boc427.exe to access memory of cfp, cmdagent, cfpupdat and crashrep. Whilst these were the main blocks it also blocked an attempt by boc427.exe to access memory of SMSS.exe. I am unsure if this is going to prevent Boclean from being effective at its job! Thanks in advance - Ben

jeremysbost · December 28, 2008, 2:30am

You can put all the .exe’s you see in BOClean’s program folder into CIS’s safe list: https://forums.comodo.com/defense_guides/how_to_make_a_file_safe_in_cis_how_to_change_a_d_policy_in_cis-t29780.0.html;msg215600#msg215600

I think BOClean will still be doing its job effectively, just it won’t be able to scan those already safe files that CIS is trying to protect.

Dennis2 · December 28, 2008, 6:47am

If you want to allow access for boc427.exe go to Defence+/Advanced/Computer Security Policy/click on entry for CIS/Edit/Protection settings/Interprocess Memory Access/click on Modify/Add/Running process click on boc427.exe and click select and then click on apply on the four open screens. Screenshot below.
Dennis
Edit I have on my Vista comp. which I do run BOClean.

[attachment deleted by admin]

kre8again · January 9, 2009, 6:21pm

Hi Dennis2. Thanks for posting that. I have the same issue, so i followed your clear instructions. :BNC

I would think that CIS would have this built in rather then have users do it manually. After all, it is ‘all in the family’. (:TNG)

Also, before this I tried to add the BOC files to My Own Safe Files list and D+ would not add them. ???