I’m new to comodo and working things out.
I was wondering if there was a safe list or white list I could look at to help me decide weather to allow or deny access to programs and applications requesting access from comodo?
I did the ‘scan for known apps’ I’m assuming that it permits and grants access to safe items only?
The items in question (many are requesting silent access) so far are the following:
avnotify.exe
update.exe
WkUFind.exe
svchost.exe
AcroRd32.exe
if there is a library or somewhere I can look up items and make the decisions myself please let me know. Thanks for the help in advance!!!
A source that I use on occasion is http://www.bleepingcomputer.com, with their Files and Startup search lists. Bleepingcomputer has a very active HiJackThis analysis and malware removal forum.
Note that in making a decision, that the full pathname makes _the_difference.
For example, svchost.exe is the name of a system file, and is located in %SYSTEMROOT%\svchost.exe. On the machine I’m using, that is C:\windows\system32\svchost.exe. If you see this name in a different path, it is very likely a malware program trying to disguise itself.
update.exe is another example. I have two of these that are legitimate files on my machine. It is also the name used by many malware programs. The full pathname matters.
