Jump to content
Bohemia Interactive Forums
Sign in to follow this  
Followers 0
eRkkituo

ArmA II:OA & Comodo D+ - memory access

By eRkkituo, in ARMA 2 & OA - TROUBLESHOOTING

Recommended Posts

eRkkituo    10

eRkkituo
Posted

Arma II:OA constantly attempts to access memory, targeting the cfp.exe process. This doesn't trigger an alert and is automatically blocked, however, it is logged and causes stuttering at times.

I cannot quite understand why ArmA2OA.exe would even try to access processes not related to it anyhow, especially fw software. Is this perhaps a bug in cheat protection/DRM? I know from experience that SecuROM and the kind are VERY uppity about certain programs (take process explorer for example).

Below is a snippet of the Defense+ log, showing the frequency at which this happens.

COMODO Firewall - Log Viewer Logs

Table

:

Defense+ Events

Date Created

:

2011-12-06 19:00:48

Records count

:

6079

Date Application Action Target

2011-12-06 16:24:45 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 16:24:52 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 16:25:00 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 16:25:00 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 16:25:00 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 16:25:08 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 16:25:16 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 16:25:16 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 16:25:16 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

...

2011-12-06 17:58:52 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:58:52 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:58:52 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:58:52 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:58:58 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:58:58 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:58:58 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:59:03 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:59:12 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:59:12 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

2011-12-06 17:59:12 D:\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe Access Memory C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

End of The Report

Share this post

Link to post
Share on other sites

metalcraze    290

metalcraze
Posted

You should disable Defense+ - it's crap. Use only Comodo Firewall and some good antivirus that isn't Comodo.

Share this post

Link to post
Share on other sites

eRkkituo    10

eRkkituo
Posted

I don't remember asking for your opinion on Comodo or D+. I was wondering why this is happening, as it is somewhat troubling.

Share this post

Link to post
Share on other sites

kklownboy    43

kklownboy
Posted

cfp.exe IS COMODO Firewall Pro's exe. Arma isnt accessing it, Arma is accessing RAM that cfp.exe is watching and logging.

Share this post

Link to post
Share on other sites

eRkkituo    10

eRkkituo
Posted

Update: tested on vanilla ArmA II, same problem. When I opened up the firewall log viewer, I got an entry of arma poking the cfplogvw.exe process.

@kklownboy: I know what the process is. I'm running the free version of comodo firewall. And arma IS accessing cfp.exe's memory. For obvious reasons, comodo doesn't like that (how many fw/HIPS programs _don't_ have a self-defence module these days?). I tried setting the policy for the relevant processes to allow arma to access memory. Log spam stopped, stuttering remains.

If this is the BattlEye client poking around looking for trainers/other software used to cheat in ArmA, isn't it possible to whitelist certain processes? Personally I don't like the idea of being forced to positively cripple security to be able to play.

Share this post

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing ARMA 2 & OA - TROUBLESHOOTING
×