comodo + einstein_S5GC1HF version 304 = not getting along
24 Nov 2010 8:20:32 UTC
Topic 195468
(moderation:
for the last day or so i keep getting a message from comodo about einstein_S5GC1HF version 304 wanting unlimited access to my system. i click the lil "remember my choice" then click "ok" and it keeps coming back. i have also re-excluded the boinc data directory and the process specifically, but it keeps popping up every time einstein trys to run.
idea's?
seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.
comodo + einstein_S5GC1HF version 304 = not getting along
)
I was a Comodo user for about three years after I dropped using Norton. But the combined behavior of Comodo firewall and Nod32 AV were unacceptable to me on my new Windows 7 system, so I dropped them and adopted Kaspersky across my set of PCs (XP and W7). It is not free, but so far I like it.
I'm afraid I no longer remember the Comodo behavior or user interface well enough to give you a more localized suggestion.
RE: for the last day or so
)
Is there a 'setup' or something you can click on to exclude things from the firewall? I have never used Comodo so don't know exactly but most firewalls have a 'configuration' section.
Hi Paul, is it the firewall
)
Hi Paul,
is it the firewall or Defense+ that issues the msgs?
Mike
RE: Hi Paul, is it the
)
defense+
took a look at the log and it shows
Date Application Action Target
2010-11-25 05:51:08 C:\Program Files\BOINC\boinc.exe Create Process, Block File C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_S5GC1HF_3.04_windows_intelx86__S5GCESSE2.exe
2010-11-25 05:53:07 C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_S5GC1HF_3.04_windows_intelx86__S5GCESSE2.exe Sandboxed As Partially Limited
last time i had this problem i just added the contents of both directorys to my "safe files" list, ive done that again but its apparantly not "taking" none the less ive tryd to add just this one file and will see if that works or not.
shame its not signed, i could add it to the "safe publishers" list and not have to do this with each update..
seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.
RE: shame its not
)
I run a six day queue, but intentionally suspended all the older work so that an HF WU ran. Kaspersky was annoyed that the new ap was not digitally signed (I think that was the phrase, may be off a little), but gave me the chance to say that I trusted the application.
So another vote that "signing" whatever that is, might help out some users.
I'm on win7-64 Pro. I run
)
I'm on win7-64 Pro. I run COMODO firewall only (AV and Defense+ is disabled. I like the firewall, but use another product for HIPS and AV.)
I've just tried manually adding the einstein.phys.uwm.edu directory to the Defense+ Trusted Files, and it does't take. Adding individual .exe files from that directory works OK. Same with selecting from the 'running processes' list.
Perhaps if you manually add the C:\ProgramData\BOINC\projects directory and check the 'Include files from subfolders' box that will do the trick.
Or maybe it's the boinc.exe that COMODO doesn't like. Is that in your trusted list?
Mike
RE: I'm on win7-64 Pro. I
)
done that, for both directories. you confirmed what i saw earlier that telling it the directory + include subfolders for some reason doesnt take. i added the exe manually. ive got another ~4 hours on my current wu's ill report back what happens.
seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.
no go, its still doin it. and
)
no go, its still doin it. and of course im getting a bunch of exit zero's because of it.
im at a loss.
looks like im not the only one http://einsteinathome.org/node/195470
seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.
Hi Phil, Take a look at
)
Hi Phil,
Take a look at COMODO's Defense+ forum
http://forums.comodo.com/defense-sandbox-help-cis-b136.0/
"Important Topics" section, and then some of the postings in the main body of the forum. You'll find some relevant stuff in there.
From a quick scan of the info, it looks like some changes were made in the recent update to version 5 of CIS. Which perhaps haven't worked out too well.
Mike
RE: Hi Phil, Take a look at
)
thank you for that, while i didnt find any answers there it did lead me to an apparant work around. and while not ideal it appears to be working.
2. click defense+.
3. click trusted files.
4. click "file path" at the top to sort by file path, it makes this next part easier.
5. check the box on the left of every instance of boinc and click "remove" on the right.
6. click close.
7. click Computer Security Policy.
8. click the "Defense+ Rules" if it is not already selected.
9. click add.
10. click "select" if boinc is running search by process, if it is not browse for it. your after the "boincmgr.exe" file.
11. after selecting "boincmgr.exe" select "use a predefined policy"
12. select "installer or updater" from the drop down.
13. click apply.
14. close out comodo and reboot.
NOTE: this allows boincmgr.exe to run ANY file it desires and comdo will allow it. this is why i say this is not exactly "ideal" but it appears to be working.
NOTE 2: you apparently have to remove each instance from the "trusted files" list for this to work. because if i understand what ive read on the comodo forums correctly when a file is on the trusted files list any policy for the file is "ignored".
ive opted to do it this way because when einstein does an update the file name does not stay the same, thus one would have to define a new policy for each einstein app.
i may be getting client vs app mixed up, i can never keep them straight in my head for some reason lol
seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.