I have added LWEMON.exe which is logitech’s gaming setpoint software to the list of trusted files, but each time I boot my PC that file is the only one listed on the blocked intrusion list.
Any ideas on how to get CIS to free it up, or if it is even blocking it at all?
Version 8.2.0.4792
Windows 10
What does the defense+ event specifically say about the blocked intrusion? Since you added the file to the trusted list and still have blocked events in the defense+ logs, I’m guessing it is trying to access in memory one or more of comodo’s processes (cmdagent.exe,cis.exe,cistray.exe,cavwp.exe). To check if this is the case, the event log it will show under the Flags column Access Memory and the Target column path to comodo executable. You would then need to edit the Interprocess Memory Access protection exclusion for comodo internet security HIPS rule. Active HIPS Rules, Network Access, Internet Protection | Internet Security in the exclusion select running process and select lwemon.exe from the list if it is running or browse to its file location.
:-TU
Thank you. That appears to be the case. I will add something if that did not solve the issue.