I have Comodo Firewall installed and I monitor Defense+ in the Summary tab located off of the Comodo’s main interface. Defense+ says that it is blocking an X amount of intrusion(s) so far. The X number rises every few seconds and does not stop. When I click on the numbers to open the “Defense+ Events” viewer it shows me that the Application C:\Program Files\OO Software\CleverCache\ooccctrl.exe is being flagged as Access Memory and the target C:\Program Files\COMODO\COMODO Internet Security\cfp.exe . I don’t want Defense+ to keep showing me this count for CleverCache. I trust CleverCahe. I don’t know if COMODO Defense+ is blocking CleverCache or only logging the event when it shows the count. I want to allow CleverCache to do what it needs to do and stop COMODO in showing me the count for this action. Is there a way to do this just for CleverCache? In the “Defense+ Events” viewer, I right clicked on the CleverCache application and chose “Add to Trusted Files” option. I am still having my issue. Help please.
What you’re seeing is CIS autoprotection at work. It blocks unauthorized access namely interprocess memory access to its components.
If you want to allow CleverCache memory accesses to CIS, go to Defense+ (or HIPS depending on the CIS version you are running) rules, right click on Comodo Internet Security rule > edit > customize > Protection Settings > click on modify in the row of Interprocess Memory Accesses > Add > Browse to C:\Program Files\OO Software\CleverCache\ooccctrl.exe < move it to Selected Items > Apply > Apply > OK > Apply > OK.
I don’t want to make a mistake. My version of COMODO Firewall is 5.12.256249.2599. I am using the free version. The directions you gave me does not exist for me. In the Defense+ tab off of the main GUI I see “View Defense+ Events”, “Trusted Files”, Unrecognized Files", “Computer Security Policy”, “View Active Process List”, “Run a Program in the Sandbox”, “Defense+ Settings”. Can you provide me once again the instructions but following this version of COMODO Firewall where this layout exists and thanks again.
To access Defense + rules in CIS 5.12 go to Defense + > Computer Security Policy > answer yes when asked if you want to continue and there you are. If you scroll in the application names, you’ll see a rule for Comodo Internet Security treat as Custom Policy. From there, just follow the steps I mentioned in my previous post.