Hi, I’m no IT person. Just an old man, with a desk top comp., in his home, answering grand kid’s emails, and passing time. So, I found inside ‘Blocked Applications’ that there are 88 events or applications or what ever they are, that are being or have been blocked. Will you experts at Comodo, look please at my examples here, and tell me if Hips and Firewall, was right to block what they did, or it is most likely some thing like a 'fake positive". I would greatly appreciate knowing. Here is a sample of what I see listed: Hipps blocked Glarysoft app data and Glarysoft downloads, and updates, and Glarysoft temp.
Hips blocked 2 windows components, a file named wermgr.exe, and signed by Microsoft.
Hips and Firewall have and continue to block 2 components of Mazilla firefox.
There are many more very similar to the above ones, they just have different dates and times.
I greatly would appreciate your input, and guidance on : are these safe to approve, or are they actually ’ bad’ viruses or something, and then how do I proceed?
Basically, the Blocked Intrusions section of CIS creates a lot of needless confusion and worry. Several items will show as blocked on system startup before CIS is fully loaded - that is normal. Other entries such as Glarysoft and its components will show there as you have the active component running on your system. Wermor is a Windows error reporting function and part of the OS. You may have Firewall settings for Fragmented Traffic or ARP Spoofing set
If everything works as expected, such as Firefox, Glarysoft and all your other applications, don’t worry
Thank you! I greatly do appreciate your reply! I do feel much better now. I looked at firewall and no there is no check mark at Fragmented or ARP. I have attached pictures of that page and of CIS desk top, is it? so YOU can see what is checked and is not. and what CIS is reporting back. I would greatly appreciate you informing me, if there is a something I should have a check mark beside or change, etc. etc. !! I will greatly appreciate your help.
Oh, and That link to blocked applications, was great reading! Thank you for that link! Although it spoke of areas, I know nothing about, it clearly was written by a very knowledgeable person!
SO,what should I do/can I do, about the 88 that are listed? leave them there? or some how remove them from the list? Mark them as safe? Or Can I not remove it, or empty that list, so it shows ‘zero’? Or is the simple truth: it will just be there from here on? ( seeing that number 88, sorta bothers me).
The 88 can be cleared by clicking on Blocked Applications > checking the box for all then click on Remove
I see you have rather a lot of Unrecognized Files! You may want to go to the Trusted File List and Purge it, to see what is left and what they are
Also you have ‘Do not show Popup Alerts’ and Allow Requests checked. This will allow every Firewall request - good or bad. I wouldn’t use that and make your own choice if there is a popup
Enable Trustconnect alerts is also redundant on a Desktop PC and in any case, would necessitate an upgrade to CIS Complete. It is intended primarily for mobile usage when travelling and using unknown WiFi Networks
The 3 options below Filter Loopback Traffic, I also have checked. You will probably get more Network Intrusions in the log files, but it will provide more security