Hi guys,
I’ve been using CIS Premium for a while, and I have to say I am impressed. The one thing that keeps bugging me though is that Defense+ keeps blocking SetPoint.exe (Logitech mouse software and driver). It gets the flag of Access Memory, and the target is either cfp.exe, or cfpupdate.exe, both of which are CIS executables.
Setpoint is set as a safe executable, and in the Defense+ Rules everything is set to allow except Run an executable, Proteceted Registry Keys, and Protected Files/Folders, which were all set to Ask. In the Exclusions for Run an executable there are 3 Allowed Applications which are all Logitech related, and no Blocked Applications.
Should I add cfp.exe, and cfpupdate.exe to the Allowed Applications in the Run an executable Exclusions?
Any help, advice, or an explanation of what is happening and why would be greatly appreciated.
Cheers
If you want to unblock memory access you need to edit the protection rules of the Comodo Internet Security group and allow Setpoint.exe to access memory.
v5
To resolve the memory access problem:
Select Defense+ → Computer Security Policy.
Scroll down to Comodo Internet Security, select Edit → Protection Settings.
Interprocess memory Access (Active Yes) select Modify → Add -->Now use Running Processes or Browse to point to the concerned file(s) .
Then just “Apply” to each window as you exit.
ya i’ve seen these stuff. it’s not completely blocking the driver. but i think it’s the Comodo self-protect mode that blocks all other programs from accessing Comodo’s memory.
you can add the setpoint.exe to Comodo file group’s exclusion list under Interprocess Access.
here is a guide
https://forums.comodo.com/defense-sandbox-faq-cis/access-memory-event-log-entries-how-can-i-suppress-these-v5-t61745.0.html
edit: oops. EricJH was faster lol. ;D
Thanks guys that worked a treat.
:-TU
Same problem. But I’m not quite sure I understand the path for the solution.
Clicking on Computer Security Policy in the main window Defense + gives me a window with 8 tabs.
In the Defense+Rules tab, is was a tree with CIS and further down, under Applications, a path that leads to SetPoint.exe
If I highlight the main CIS line and click Edit… I get a dialog window with
- Use a Predefined Policy
- Use a Custom Policy
I don’t see Protection Settings. Clearly I am being stupid because Redsnake77 does!
I don’t see a path to Interprocess memory access.
Please advise further.
Thanks
You need to edit the protection settings of Comodo Internet Security to allow the memory access.
The reply I gave is a standard procedure for v4. See attached image for reference.
[attachment deleted by admin]