Defense+ Intrusions

I’m trying to figure out why Defense+ is blocking files that are on my trusted list. Things like logitech’s Setpoint.exe and other harmless programs that I have listed as trusted in the trusted list in Defense+, are still triggering blocks (that little click-able counter for blocked intrusions on the main CIS page). Any ideas?

Win7 x64, CIS 5.3

do you have the “block all unknown request is application is closed” option checked in defense + settings?

Nope.

=/

EDIT: These forums are seriously bunked. Blocking access for 1 second because it thinks i’ve already posted within the last second when I haven’t? And then to continue to block access after waiting minutes even when the block was meant to be for 1 second? Time to overhaul the back-end, maybe try phpBB.

Hi Sphynx, i may have an idea of what these D+ blockings are and how you can solve them! Basically CIS is very strict about what it lets access it`s memory space and programs like Logitech Setpoint do scan the active memory components.
Does the block look something like [Application] C:\ProgramFiles\Logitech\Setpoint.exe [Flag] Access memory [Target] C\ProgramFiles\Comodo\ComodoInternetSecurity\cmdAgent.exe ??

If so you need to add the executable to Allowed list for “Interprocess memory access” for Comodo Internet Security.

First off select Defence+ from the interface, next click on “Computer Security Policy”->Scroll down to the entry labelled Comodo Internet Security and double left click on it.
At the “Application System Activity Control” windows click on “Customize” then the “Protection Settings” tab.
Now click on “Modify” next to “Interprocess Memory Access”. The next window is where you add the executables to the list. Click on Add, then you can either use Running Processes or Browse to find Setpoint.exe.
Double click it and you should see it added at the bottom of the list (picture 2 shows MBAM.exe added to the default list). Now click Apply/OK to close all windows.

Hopefully this will solve it!
Matty

[attachment deleted by admin]

That was a very illustrative answer,

I’ve done what you advised and we’ll see if CIS flags the relevant exe’s in the future.

Thank you for that! ;D