LGS tries to access CIS memory


Defense+ is blocking an external intrusion (I have CIS in french, so I’m not sure of the english term) because it tries to access its memory…
I attached a report if you want to see the message.

The software is Logitech Gaming Software, it’s a driver for logitech wheel.

Is there a way to avoid this error ?

[attachment deleted by admin]

yes there is:

Defense+/Computer Security Policy.
Locate and select Comodo Internet Security.
Click Edit/Customize/protection Settings
Find ‘Interprocess Memory Access’, click ‘Modify’ under ‘Exceptions’
Click ‘Add’, and since I can assume your Logitech software IS running, select ‘Running Processes’.
Locate your program (I have two: Setpoint.exe and LWEMon.exe) and select them.
Click ‘Apply’ and/or ‘Ok’ to exit each window.
This will stop the intrusion alerts, and allow the software to run as it should.

ok, I did that.
I tried to restart LGS, but the error still occurs.

Did you click the ‘apply’ or ‘Ok’ to exit each window as you backed out?
failing to do this will not add the files.
You can go back in and scroll down to see if the files were added.
Then, if a restart does not resolve, try adding the file to your Defense+ Trusted Files.

Yes, the file is in “exceptions”

I tried to do that, but CIS says it’s already in the list. When I take a look at the list (trusted files), I can’t see it.

I attached some screenshots…

[attachment deleted by admin]

Please list the steps and mouse clicks you took to add this file.
This works instantly, so I keep thinking you clicked a wrong tab or link.

Note, you cannot add it as trusted as it is Trusted via the Trusted Vendors (my error, sorry).

Thank you.
Awaiting your report.

Defense+ → Security Policy
I select the CIS Group (which has personalized strategy) and click “Modify”
Then I click “Customize”
I click “Modify” in the same row of “Interprocess Memory Access”
I click Add → processes, I select LWEMon.exe, then click OK.
Now, the exceptions rule has 1/0 in front of “Interprocess Memory Access” (cf. the screenshot)
I click on OK, then Apply, then OK.

I took the screenshot by re-opening everything, the rule was still there.

I’ve used the same process described by John Buchanan on my Win7X86 system and the rule for LWEMon.exe is working correctly here.

Ah, Step 4 in your list should be step 5.
Click the Tab marked ‘Parametres de Protection’ (I am not French, so forgive me).

I hope this helps.

Ok thank you, it seems to work now :slight_smile:
I tried to change the language to english but I had to reboot ^^;

edit: yep, a few minutes without alerts, it works. thanks :slight_smile:

I am happy to have helped.