CF frequently warns me that Skype.exe is trying to use svchost.exe

snyder · February 20, 2007, 1:00pm

Help!!!

I have frequently moved over from Windows OneCare to Comodo and I use skype a lot. I’m faced with a problem in a sense that CF frequently warns me that skype.exe is using services and svchost.exe using OLE and could possibly be a hijack. I don’t know whether to trust this or not and I have erred on the side of caution and denied. I’m unsure what the effects of this will. I’m looking for help on this issue. Thanks very much.

aXes · February 20, 2007, 1:21pm

Always, try to block Svchost.exe first. If Skype doesn’t connect after this, you have to decide that you want to use it or not.

I don’t use Skype. If it doesn’t work unless you allow Svchost.exe, you don’t have any chance.

:THNK

aXes

step · February 20, 2007, 3:35pm

First off,
In general, blocking Svchost is a bad idea. Svchost is used by Windows to host system services that run from DLLs. So if you block it, many system services will not function properly.

For snyder,
It would help if you could post the exact text of the messages you are receiving.

But for now, just know that CFP is slightly over zealous with reporting possible OLE hijack attempts, and I believe an upcoming version will address this issue(can someone confirm this?). And, you also have the option to disable OLE monitoring via the Security/Advanced/Application Behavior Analysis dialog.

placoboy · February 20, 2007, 4:07pm

Thats must be true, check an issue I had with app being still blocked even if I didnt tick to create a rule
https://forums.comodo.com/index.php/topic,6617.0.html
OLE hijacking protection is a must so I jsut hope we dont need to turn it off!

Little_Mac · February 20, 2007, 9:41pm

snyder, it sounds as if you may be getting alerts relating to Application Behavior Analysis, such as the OLE Automation alert.

I think that Skype is on Comodo’s safelist; if you go to Security/Advanced/Miscellaneous, make sure the 2nd box is checked, “Do not show alerts for applications certified by Comodo.” OK. Then go to Security/Tasks/Scan for Known Applications. Follow the prompts. Reboot when finished.

This may help with Skype if it is on the safelist; it should also help reduce some of the other alerts you get. You may also open the Application Monitor rule you have for Skype, go to the Miscellaneous tab, and check “Skip Advanced Security Checks.” OK.

Knowing the exact wording of the alert will help diagnose the problem.

LM