comodo + einstein_S5GC1HF version 304 = not getting along

paul milton
paul milton
Joined: 16 Sep 05
Posts: 329
Credit: 35,825,044
RAC: 0
Topic 195468

for the last day or so i keep getting a message from comodo about einstein_S5GC1HF version 304 wanting unlimited access to my system. i click the lil "remember my choice" then click "ok" and it keeps coming back. i have also re-excluded the boinc data directory and the process specifically, but it keeps popping up every time einstein trys to run.

idea's?

seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.

archae86
archae86
Joined: 6 Dec 05
Posts: 3,157
Credit: 7,183,694,931
RAC: 769,251

comodo + einstein_S5GC1HF version 304 = not getting along

I was a Comodo user for about three years after I dropped using Norton. But the combined behavior of Comodo firewall and Nod32 AV were unacceptable to me on my new Windows 7 system, so I dropped them and adopted Kaspersky across my set of PCs (XP and W7). It is not free, but so far I like it.

I'm afraid I no longer remember the Comodo behavior or user interface well enough to give you a more localized suggestion.

mikey
mikey
Joined: 22 Jan 05
Posts: 12,568
Credit: 1,838,925,661
RAC: 20,987

RE: for the last day or so

Quote:

for the last day or so i keep getting a message from comodo about einstein_S5GC1HF version 304 wanting unlimited access to my system. i click the lil "remember my choice" then click "ok" and it keeps coming back. i have also re-excluded the boinc data directory and the process specifically, but it keeps popping up every time einstein trys to run.

idea's?

Is there a 'setup' or something you can click on to exclude things from the firewall? I have never used Comodo so don't know exactly but most firewalls have a 'configuration' section.

Fermat
Fermat
Joined: 22 Nov 05
Posts: 44
Credit: 1,734,217
RAC: 0

Hi Paul, is it the firewall

Hi Paul,
is it the firewall or Defense+ that issues the msgs?

Mike

paul milton
paul milton
Joined: 16 Sep 05
Posts: 329
Credit: 35,825,044
RAC: 0

RE: Hi Paul, is it the

Quote:
Hi Paul,
is it the firewall or Defense+ that issues the msgs?

defense+

took a look at the log and it shows

Date Application Action Target
2010-11-25 05:51:08 C:\Program Files\BOINC\boinc.exe Create Process, Block File C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_S5GC1HF_3.04_windows_intelx86__S5GCESSE2.exe

2010-11-25 05:53:07 C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_S5GC1HF_3.04_windows_intelx86__S5GCESSE2.exe Sandboxed As Partially Limited

last time i had this problem i just added the contents of both directorys to my "safe files" list, ive done that again but its apparantly not "taking" none the less ive tryd to add just this one file and will see if that works or not.

shame its not signed, i could add it to the "safe publishers" list and not have to do this with each update..

seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.

archae86
archae86
Joined: 6 Dec 05
Posts: 3,157
Credit: 7,183,694,931
RAC: 769,251

RE: shame its not

Quote:
shame its not signed


I run a six day queue, but intentionally suspended all the older work so that an HF WU ran. Kaspersky was annoyed that the new ap was not digitally signed (I think that was the phrase, may be off a little), but gave me the chance to say that I trusted the application.

So another vote that "signing" whatever that is, might help out some users.

Fermat
Fermat
Joined: 22 Nov 05
Posts: 44
Credit: 1,734,217
RAC: 0

I'm on win7-64 Pro. I run

I'm on win7-64 Pro. I run COMODO firewall only (AV and Defense+ is disabled. I like the firewall, but use another product for HIPS and AV.)
I've just tried manually adding the einstein.phys.uwm.edu directory to the Defense+ Trusted Files, and it does't take. Adding individual .exe files from that directory works OK. Same with selecting from the 'running processes' list.

Perhaps if you manually add the C:\ProgramData\BOINC\projects directory and check the 'Include files from subfolders' box that will do the trick.

Or maybe it's the boinc.exe that COMODO doesn't like. Is that in your trusted list?

Mike

paul milton
paul milton
Joined: 16 Sep 05
Posts: 329
Credit: 35,825,044
RAC: 0

RE: I'm on win7-64 Pro. I

Quote:

I'm on win7-64 Pro. I run COMODO firewall only (AV and Defense+ is disabled. I like the firewall, but use another product for HIPS and AV.)
I've just tried manually adding the einstein.phys.uwm.edu directory to the Defense+ Trusted Files, and it does't take. Adding individual .exe files from that directory works OK. Same with selecting from the 'running processes' list.

Perhaps if you manually add the C:\ProgramData\BOINC\projects directory and check the 'Include files from subfolders' box that will do the trick.

Or maybe it's the boinc.exe that COMODO doesn't like. Is that in your trusted list?

done that, for both directories. you confirmed what i saw earlier that telling it the directory + include subfolders for some reason doesnt take. i added the exe manually. ive got another ~4 hours on my current wu's ill report back what happens.

seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.

paul milton
paul milton
Joined: 16 Sep 05
Posts: 329
Credit: 35,825,044
RAC: 0

no go, its still doin it. and

no go, its still doin it. and of course im getting a bunch of exit zero's because of it.

im at a loss.

looks like im not the only one http://einsteinathome.org/node/195470

seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.

Fermat
Fermat
Joined: 22 Nov 05
Posts: 44
Credit: 1,734,217
RAC: 0

Hi Phil, Take a look at

Hi Phil,
Take a look at COMODO's Defense+ forum
http://forums.comodo.com/defense-sandbox-help-cis-b136.0/

"Important Topics" section, and then some of the postings in the main body of the forum. You'll find some relevant stuff in there.
From a quick scan of the info, it looks like some changes were made in the recent update to version 5 of CIS. Which perhaps haven't worked out too well.

Mike

paul milton
paul milton
Joined: 16 Sep 05
Posts: 329
Credit: 35,825,044
RAC: 0

RE: Hi Phil, Take a look at

Quote:

Hi Phil,
Take a look at COMODO's Defense+ forum
http://forums.comodo.com/defense-sandbox-help-cis-b136.0/

"Important Topics" section, and then some of the postings in the main body of the forum. You'll find some relevant stuff in there.
From a quick scan of the info, it looks like some changes were made in the recent update to version 5 of CIS. Which perhaps haven't worked out too well.

thank you for that, while i didnt find any answers there it did lead me to an apparant work around. and while not ideal it appears to be working.

  • 1. open comodo.
    2. click defense+.
    3. click trusted files.
    4. click "file path" at the top to sort by file path, it makes this next part easier.
    5. check the box on the left of every instance of boinc and click "remove" on the right.
    6. click close.
    7. click Computer Security Policy.
    8. click the "Defense+ Rules" if it is not already selected.
    9. click add.
    10. click "select" if boinc is running search by process, if it is not browse for it. your after the "boincmgr.exe" file.
    11. after selecting "boincmgr.exe" select "use a predefined policy"
    12. select "installer or updater" from the drop down.
    13. click apply.
    14. close out comodo and reboot.

NOTE: this allows boincmgr.exe to run ANY file it desires and comdo will allow it. this is why i say this is not exactly "ideal" but it appears to be working.

NOTE 2: you apparently have to remove each instance from the "trusted files" list for this to work. because if i understand what ive read on the comodo forums correctly when a file is on the trusted files list any policy for the file is "ignored".

ive opted to do it this way because when einstein does an update the file name does not stay the same, thus one would have to define a new policy for each einstein app.

i may be getting client vs app mixed up, i can never keep them straight in my head for some reason lol

seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.