Files in Trusted list still create Defense+ events

Files in my Trusted list still create Defense+ events.

For example,
C:\Program Files (x86)\PhraseExpress\phraseexpress.exe is in the list,
but there are multiple Access Memory event entries for it, with target
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

If it is a trusted file, why are events created?

CIS will prevent even Trusted Files from accessing protected memory locations. That is what is happening for that. There is a way to add that file to an exclusion list even for that, but regardless you can rest assured that it is normal and not indicative of anything wrong.

Let me know if you have any questions.


OK, thanks for that info.
I put phraseexpress process into an exclusion.

No problem. Let me know if you have any other questions.

Please note as you have added it as a exclusion to access memory of any CIS processes it can now kill that process.