My home PC (Windows 7 Home Premium Service Pack 1) is installed with Comodo Internet Security v5.3.50343.1263, the Personal Firewall v5.3.181415.1237 and Defense+ of which are enabled.
I am puzzled by a Defense+ alert warning (C:\Windows\System32\wdi\LogFiles\shutdownckcl.etl) for each shutdown, even though I have added the following computer security policy:
I appreciate it much if any advice will be given to get rid of this annoying warning.
However, the exclusion C:\Windows\System32\wdi\LogFiles* seems to be ineffective as there is still a defense+ alert for C:\Windows\System32\wdi\LogFiles\shutdownckll.etl before the system shutdown. Should this warning be ignored?
I find it a bit strange; I don’t get such warning not even in paranoid mode. If you got this on a clean computer you can press ignore. I suggest you make a quick scan with malwarebytes to make sure that you’re pc is clean.
I always utilise Malawarebytes’ Antimalware and SUPERAntiSpyware to scan my home PC subsequent to the daily updates. As a result, my system is reported of malware and spyware free on each occasion. This is reinforced by Windows Defender on-demand scanning with the latest definition update.
As directed by Eric, I have tried “sfc /scannow” and the result is “Windows Resource Protection did not find any integrity violations”
I note that the Defense+ alert often displays after my home PC to Windows 7 Service Pack 1 has been upgraded. Apparently, the current version of Comodo Internet Security does not remember my answer, ie OK to allow, should an alert arise. Any conflict with the latest operating system?
Windows Defender is set to “manual” instead of “automatic” on the Administrative Tools > Services. I guess this may not be appropriate to my PC after upgrading to Windows 7 Service Pack 1.
Strange as Comodo Internet Security is back to “normal” after I have adjusted its Defense+ security level to Clean PC Mode from Safe Mode. Then, I do not see the annoying Defense+ alert on the shutdown. God bless!