DEFENSE+ event

Why is svchost.exe trying to target forexstrategybuilder.exe and why is it owned by an unknown and not deleatable? Thanks (see attached) (The unknown owner will not show itself or let the administrator or system to take control of it. What is the best way to delete it and are there other parts of it causing svchost to target it that I also need to remove?)

[attachment deleted by admin]

Sometimes (re)installing can help to uninstall it.

You mean there’s a process w/no user name running in CIS ‘view active proces list’? What does ‘owned by an unknown’ mean?

Check to see if you have a service related for ForexStrategy. The service may run under the SVCHost services service. You may need to stop this service before uninstall from add/remove programs.

Thank you both Eri… and Wxm… The file Forexst… is not installed. It resides in the download directory and not in the executable/programs directory. “Owned by an unknown” is the message Win7 gives when I try to take control of the file in order to delete it or upload it. It will not allow the system or administrator to take control of it for any reason and it states “Owned by an unknown”.

Comodo Firewall constantly crashes. The last time it did that it said that “Comodo had a bug and to please report it.” I looked on the forum and ran the script file and looked in

How to find crashdumps in Win7
« Reply #3 on: September 16, 2010, 06:19:13 AM »

How to find crashdumps in Win7
Windows Seven saves a local copy of the crash dump automatically.

When an application crashes you can find the required crash information in one of:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive C:\ProgramData\Microsoft\Windows\WER\ReportQueue

but the crash reports were not there. How do you fix the bugs that cause Comodo Firewall to constantly crash? Thanks. is attached. . It never is allowed to be automatically uploaded to Comodo. Every time I try, it is blocked.

[attachment deleted by admin]

The email address does not work.

Can you see if using Unlocker or Unlock it boot will help to get rid off the file? May be it needs to be deleted on boot.

Eric, thanks. I think I can delete Forexs… ok, but Comodo has crashed 12 times in less than 1 month on one computer and multiple times on others. Every time I try to submit the zip crash file to Comodo on all computers, it is blocked. How do I fix Comodo firewall? Thanks. (also, since Forexs… is not in programs directory, but in downloads directory, I want to know why Windows is targeting it and who “unknown” is that will not let me delete it.)

As to the crahes you are witnessing you may consider filing a bug report in the Bug Reports - CIS board following the format as described in FORMAT & GUIDE - just COPY/PASTE it!. The email address for submitting crashes is not working.

As to the question why svchost.exe blocks the forexstrategybuilder.exe installer. This could happen if at one point you made a rule to block it. Svchost.exe is part of the Windows System Applications group which has the Windows System Application policy. Look it up in Computer Security Policy → Defense + rules.

When it shows as having the Windows System Application policy that means there were no changes made and the blocking was not because you (accidentally) made a rule.

I downloaded the installer for Forex and installed it. I could take ownership on the installer. May be another process is starting Forex. Can you open View Active Process List and see if Forex installer shows up there? If it is there can you see the parent?