Cyberhawk twice today flagged Comodo BOClean for trying to connect to the internet in an unexpected manner. First time, I chose deny and BOC immediately disappeared from the system tray. I restarted the program and Cyberhawk flagged it again. The second time, I choose allow.

It seens a bit strange to me. I'd like to know what people think. Is a false alert or could it be something else?

Kerio 4 was suspicious on my machine, i've seen Admuncher mentioned as suspicious too, as many others.

Yes, it's a FP, unless you downloaded from unknown source.
You can however set to remember, and it should make a custom rule somewhere.. You can view that in the GUI.

Be glad that you didn't have a warning in almost machine language ("*squares, triangles and stuff that you can't decypher*" is acting strange (no path given, no good info). Allow or block? answer: uninstall).

Sorry for the little rant there. I'm waiting to see a new version, for that interesting program.

Unexpected manner,what does that mean?People ask questions with zero info given and expect an informed answer.I am amazed by this.BoClean is asking to update per what you have it time wise set to do.That being with zero info given by you would be my answer.

-{ Quote: "Unexpected manner,what does that mean?People ask questions with zero info given and expect an informed answer.I am amazed by this.BoClean is asking to update per what you have it time wise set to do.That being with zero info given by you would be my answer." }-

Hi all,

I think they flagged an indirect access to network : BOC422 lauching BOC4UPD which access to the net for update purpose

I agree with Pedro : if you downloaded it from a trusted source, it's a FP

MaB

Another FP...

-{ Quote: "Hi all,

I think they flagged an indirect access to network : BOC422 lauching BOC4UPD which access to the net for update purpose

I agree with Pedro : if you downloaded it from a trusted source, it's a FP

MaB" }-Keystrokes logged and internet connection formed. This has happened to me as well. It was not marked as malware, but suspicious. I have it as allow. I have see no harm since this.

However I do not like it and would like an explaination from both companies as to why? :(

nothing major but why is it needed(ident)?
btw the updater looks like its freesing,blank screen..anyway its working :thumb:

The IDENT protocol is used by Telnet, POP mail, FTP, and HTTP servers to identify incoming users.

Either turn of Auto-updater in CBOC or set rule.
If you go for manual updating also set rule.

Its not a false pos or a problem, just CH doing its job.

CH and PrevX: