Problem with comodo firewall
30 Jun 2011 8:40:02 UTC
Topic 195839
(moderation:
I can't find a solution on the forum, my comodo firewall block the einstein application "einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe" because there is not digital certification. I try to go around but the firewall is ...obstinate !
is there a way to have the application certified ?
thank you
Problem with comodo firewall
)
There have been some posts about that subject. To find them, select "Advanced search" in the top left corner of this page and enter "comodo certi" in the search box (without the quotation marks). Then select one year as search limit and start the search.
I hope there'll be some useful information in the three threads coming up.
Gruß,
Gundolf
Computer sind nicht alles im Leben. (Kleiner Scherz)
This is a copy-paste of a
)
This is a copy-paste of a solution that paul milton found some months ago. Worked as a charm for me, now Comodo does not waste crunching time. :))
"1. open comodo.
2. click defense+.
3. click trusted files.
4. click "file path" at the top to sort by file path, it makes this next part easier.
5. check the box on the left of every instance of boinc and click "remove" on the right.
6. click close.
7. click Computer Security Policy.
8. click the "Defense+ Rules" if it is not already selected.
9. click add.
10. click "select" if boinc is running search by process, if it is not browse for it. your after the "boincmgr.exe" file.
11. after selecting "boincmgr.exe" select "use a predefined policy"
12. select "installer or updater" from the drop down.
13. click apply.
14. close out comodo and reboot.
NOTE: this allows boincmgr.exe to run ANY file it desires and comdo will allow it. this is why i say this is not exactly "ideal" but it appears to be working.
NOTE 2: you apparently have to remove each instance from the "trusted files" list for this to work. because if i understand what ive read on the comodo forums correctly when a file is on the trusted files list any policy for the file is "ignored".
ive opted to do it this way because when einstein does an update the file name does not stay the same, thus one would have to define a new policy for each einstein app.
i may be getting client vs app mixed up, i can never keep them straight in my head for some reason lol"
it works but I had to do
)
it works
but I had to do the same for boinc.exe not only boincmgr
thank you
RE: I hope there'll be some
)
Since this thread has been made sticky and one of the three threads already has fallen out of the one-year frame, here the links to the reaining two:
Einstein error
Comodo Internet Security - Trusted Vendor List Sign Up
Gruß,
Gundolf
PS: I can't find the older (or any) forum threads on Google, unlike with other projects. Obviously robots are excluded from the Einstein message boards. Would they generate too much server load? In other projects, external search engines come in handy to find messages older than a year.
Computer sind nicht alles im Leben. (Kleiner Scherz)
RE: PS: I can't find the
)
I'll ask about that and get back to you. :-)
Cheers, Mike.
I have made this letter longer than usual because I lack the time to make it shorter ...
... and my other CPU is a Ryzen 5950X :-) Blaise Pascal
RE: PS: I can't find the
)
Google and bing are probably OK, but we once had certain spiders misbehaving, so we denied access for these.
I'll look into that, but it's not my highest priority. Might take a bit.
[edit]Could you add this to the "wish list", please?[/edit]
BM
BM
RE: it works but I had to
)
sorry about that, i hadnt had to do that for 1 of my systems, but had to for the other one. not sure what the difference was between them (other than 1 was vista the other was xp), by the time i noticed that i was out side the edit window for posts.
glad it worked :)
seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.
What I've done is create a
)
What I've done is create a file-group: BOINC_Projects.
The file-group consists of:
C:\Boinc_Data\projects\*\*
C:\Boinc_Data\slots\*\*
Within Defense+, Computer Security Policy, I create a rule-set for 'BOINC_Projects', i.e., add, select, file-groups and select 'BOINC_Projects' and then assign the predefined policy of 'Installer/Updater' to the file-group.
That allows BOINC projects individually to do what they need. Also, I create a file group called: BOINC_scr which contains:
%ProgramDrive%\BOINC\boincscr.exe
%windir%\boinc.scr
For protected files/folders resources, I specify a single entry:
\Device\Afd\Endpoint
BOINC.exe & BOINCmgr.exe have their own custom policies:
BOINC.exe
run exectutable: 'BOINC_Projects' file group
process termination: 'BOINC_Projects' file group
registry keys:
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ParseAutoexec
HKLM\SYSTEM\ControlSet001\Control\ServiceCurrent\
Protected files/folders:
\Device\Afd\Endpoint
BOINCmgr.exe
run exectuable:
E:\BOINC\boinc.exe
'BOINC_scr' file-group
C:\BOINC_Data\projects\*\*
%PROGRAMFILES%\Internet Explorer\IEXPLORE.EXE
Windows Event hooks: E:\BOINC\boincmgr.exe
process terminastion:
E:\BOINC\boinc.exe
'BOINC_Projects' file-group
Windows Messages:
%SYSROOT32%\csrss.exe
%PROGRAMFILES%\Internet Explorer\IEXPLORE.EXE
Protected Keys:
HKLM\SYSTEM\ControlSet001\Control\ServiceCurrent\
BOINC registry key group:
HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryMessageFile
HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryCount
HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\TypesSupported
Protected Files Folders: \Device\Afd\Endpoint
'BOINC_Projects' file group
run exectuable:
%ProgramDrive%\BOINC\boinc.exe
BOINC_scr file-group
C:\BOINC_Data\projects\*\*
%PROGRAMFILES%\Internet Explorer\IEXPLORE.EXE
The Computer Policy Policies for the aforementioned file groups and executables have DNS Client Service allowed checked (all other resourecs are ticked "ask").
To wrap the package up with a nice shiny bow, I then add all the exe files for each individual project into 'trusted files'. This last step removes the 'unknown' disposition for any BOINC images that are listed in 'active process list'.
My preference concerning 'trusted files' is to have all the trusted files necessary for booting the computer listed first. Easy enough to accomplish by disabling BOINC startup in MSCONFIG prior to a clean install of Comodo. Once the system is running, and all the default trusted files are created, I Ihen manually add %ProgramDrive%\BOINC\Boincmgr.exe, %ProgramDrive%\BOINC\Boinc.exe, %windir%\boinc.scr, %ProgramDrive%\BOINC\boincscr.exe, %ProgramDrive%\BOINC\boinctray, and then go systematically through all of the BOINC_Data/projects/* folders and select ALL exe files en masse. Then add them in one fell swoop.
Works good, last long time.