Defense+ problem with CBOClean and CAVS

I have Windows XP, CAVS 2.0.17.58, CBOClean, CPF 3.0.12.266. Every time I boot the computer or run an application the defense+ alert informing me that BOC425.EXE is trying to access the program in memory. I have repeatedly told the defense to allow it and remember. I have also tried setting it as a trusted application. Also for some reason it will not allow CBOClean to update, today I could only get it to update when I deactivated both the firewall and defense+.
I am also experiencing similar problems with CAVS. Considering these are comodo programs I am very suprised these aren’t on a white list.
I have tried uninstalling and reinstalling, plus using the diagnosics option but so far no luck. It is getting extremely frustrating as when CBOClean does it periodical check it, defense repeats the same alerts for me to keep allowing.
Any help would be great
Cheers

Iain

I forgot to mention that the levels are set to the default levels of

Train with safe mode - Firewall
Clean PC - Defense+

good a thread about CAVS … I have already posted on this but the thread got hijacked to one specific problem and then merged with another thread .
Since the installation of CPF3 The heuristic “on access” scanner of CAVS has become disabled
error as follows:

ERROR

Comodo Antivirus encountered an error

Details
Number : CAV003
Description: On Access Scanner failed to start

You should define all your security software and other as “Trusted Application” in Defense+.

In my XP SP2 system Defense+ doesn’t save “Trusted software” settings. It only creates different rules for the same program. For example one boclean rule every time it accesses another program in memory. Even in “Clean PC” mode I get a massive amount of endless pop ups so for now I have disabled it. It works fine in my Vista64 system.

I have exactly the same problem and have posted in the BOClean forum…
https://forums.comodo.com/comodo_boclean_antimalware/boc425exe_and_cfpv3_defense-t15809.0.html;msg108500#msg108500
NO amount of allowing, trusted program etc. worked.
I wanted to keep BOClean so have switched off Defense+ (was in Clean PC mode).

Mike.

I have a reply and a possible fix from a Mod on the other thread if it helps anyone…

https://forums.comodo.com/comodo_boclean_antimalware/boc425exe_and_cfpv3_defense-t15809.0.html;msg108571#msg108571

Mike.

Hey I’m not a Mod I just post a lot. (:SHY)

Sorry Japo, thought you might be.

It didn’t work unfortunately, see other thread for details.
Hopes for a fix in the future as Defense+ seems to be a very useful part of CFP. :slight_smile:

Mike.

so its been a few days and still no working fix to re-enable the av on access scanner… anyone? obviously the mods/techies are busy with seemingly more vital issues…although aside from total blocking of conectivity i don;t see aanything else as being more important then a disabled antivirus …

For Boclean problems:
Click defense+/Advanced/Computer security policy and right click on Comodo firewall pro. Select Edit. Click Protection settings and then modify interprocess memory accesses. Click add and select BOC425.exe from running processes. Click on apply on each window after this. This should allow BOC425.exe access to memory for CFP3.
Additionally use BOClean excluder and exclude all CFP3 files for good measure.
For updates, if all Boclean files are listed as trusted applications it should work ok. If the files are not present then BOC4UPD can be added manually along with BOC425.exe if needed.

For CAVS I have it listed as trusted application in both firewall and defense+ settings and currently have no problems.

:SMLR

I currently have all comodo software set to “trusted application” status for both the firewall and the defence+. This is including each individual .exe in the comodo directories. My CAVS on access scanner is no longer loading since the install of the v3.

The problem arises when BOC or the on-access function of CAVS tries to inspect CFP processes. They are protected and when other programs try to access the CFP processes, there is an alert generated. As N.T.T.W. posted, you can fix these alerts by putting CFP on the BOC Exceptions list and I imagine that there is a similar “Safe/Trusted/Exception/Ignore” list for CAVS. For BOC: right-click the tray icon and click “Program Excluder” on the menu (it may be hidden, and if so, drag the menu border down to reveal the missing items). On the Excluder window, click File on the menu bar and choose “File Explorer”. Use it to browse to the C:\Program Files\Comodo\Firewall directory (or wherever you have it installed) and then drag the CFP exe files that show the shield icon onto the Excluder window as well as Cfpagent.exe (5 files for me). Then close the File Explorer and click “Close” on the Excluder. Sorry, I don’t use CAVS, so I don’t have detailed directions for that program.