hello
since few days i have an alert message from defense + when i reboot windows 7 - i cannot read, it’s just after rebooting
but in defense + log i have (in pc safe mode) :
program : system
action : file modification
target : c:\windows\system32\WDI\logfiles\shutdownCKCL.etl
except this i have no information
in learn mode i have no message, an no log, when i set in pc safe mode, i have the message
how to solve this, it’s a good process or an unknow malware ?
if it’s a good process, how to accept the modification ?
i’ve tested my pc with avast, bit defender (online), malwarebyte anti malware, adwcleaner, roguekiller, all is ok…
i use comodo firewall 5.10.228257.2253 (don’t like V6…)
sAyer
3
how to solve this, it's a good process or an unknow malware ?
if it's a good process, how to accept the modification ?
Good file. logging only (transition listing) nothing to seriously be concerned about.
in learn mode i have no message, an no log, when i set in pc safe mode, i have the message
If your rebooted in learning mode and then switched to safe then you shouldn’t receive the message. Obviously a bug somewhere.
Try updating to Comodo Internet Security 5.12.256249 the last pre - version six version. Might Help ???
you can also try manually adding the file to trusted.
i’m happy to read it’s a fake positive (or something like this)
how to trust the program ? on the event log log i click on the file and select add to trusted files but the next time i reboot, it’s the same thing
Did anything change on your system? Did you install a new program or Windows Update around the time it started to happen?
aim4it
6
Are you using paranoid mode for HIPS?