Defense + blocks with me KillSwitch.exe
I have Defense + in Safe Mode
[attachment deleted by admin]
Defense + blocks with me KillSwitch.exe
I have Defense + in Safe Mode
[attachment deleted by admin]
We would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.
To understand the reasons why we ask you to follow these guidelines please see below.
WHY WE ASK YOU TO FOLLOW THESE GUIDELINES
Bugs/issues can be impossible or very time consuming to fix if developers don’t have enough information to reproduce them. Since CIS is free, development time is limited. So if you want your issue fixed, please use the format below to describe it.
To avoid clutter, issues not described in the format below your post will not be moved to the ‘moderator verified’ issues topic. This means that the developers may not look at it.
Best wishes and many thanks in anticipation
Dennis
The bug/issue
Files appended. (Please zip unless screenshots).
Your set-up
[attachment deleted by admin]
This is what we expect to see. CIS is protecting its self to memory access by other programs. The only you can do about this is editing the protection rules of CIS to allow Killswitch to access CIS in memory.
This is not a bug in CIS. When you think that the memory access by Killswitch is a questionable engineering practice please report it in the bug report topic of Killswitch.
Thank you for the explanation; I wasn’t sure whether KillSwitch was able to do his job properly as Defense + constantly blocked him.
Can you explain me how to allow KillSwitch accessing the memory?
To resolve the memory access problem:
Select Defense+ → Computer Security Policy.
Scroll down to Comodo Internet Security, select Edit → Protection Settings.
Interprocess memory Access (Active Yes) select Modify → Add -->Now use Running Processes or Browse to point to the concerned file(s) .
Then just “Apply” to each window as you exit.
Thank you very much; it works!
Did not work for me.
I have the same problem with my log, there are new lines added every few seconds, saying xampp-control.exe access memory cmdagent.exe.
After i have done the things written above, the problem is still there.
I could solve it with deleting the complete CIS-group from the policies, which i think isn’t a good solution, but at least it works. -.-
Nibbler. Follow the instructions closely. Please make sure you added the exception for interprocess memory access for xampp under the Protection Settings tab (not under the Access Rights tab).
no a problem, I say let it be. Killswitch will work just fine, as long as you are not trying to destroy CIS with it, there is no problem.
Thank you so much for this.
I was actually considering dumping Comodo because of this problem.
It was doing this with both Xampp and an Nvidia dll.
This is a major flaw in Comodo security though - one cannot expect the average user to go through that entire process, let alone realise what is going on.
Not too sure why they even have “add to Trusted Files” on the right click in Defense+ Events.
Got a new computer and the problem continues to surface with xampp. Adding those exceptions is really painful. Please Comodo fix this.
Like Eric above said, this actually is not a bug, so they have nothing to fix. But I agree that is quite annoying to go through this process every time new version comes out.
Maybe they should add an option to disable logging for particular events, but leave the protection active.
In my case the solution worked partially for xampp. Log Viewer stopped showing that xampp is being blocked, but on Summary page in row “Defence+ has blocked 231 intrusion(s) so far” the number and simple Defence+ Events list is being continuously increasing with xamp-control.exe - access memory - CIS