I received a message that “SWL.exe could not be recognized and it is about to modify the protected registry key HKUS.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\My. you must make sure SWL.exe is a safe application before allowing this request.” I did not allow the request.
I’ve also received indications that svchost.exe and Skype.exe were trying to establish connections from another computer, which seemed odd. So I blocked them.
Now, AvastSvc.exe, firefox.exe, and googledrivesync.exe are counted amount the intrustions that are being blocked by the firewall.
I’m concerned 1) something is wrong with my computer and 2) that I’m blocking things I shouldn’t be. Malwarebytes and Avast haven’t spotted anything.
Do you know this application? What does it do? Did you download it from a trustworthy site? If you know and trust the program and its source you can allow this.
I've also received indications that svchost.exe and Skype.exe were trying to establish connections from another computer, which seemed odd. So I blocked them.
Now, AvastSvc.exe, firefox.exe, and googledrivesync.exe are counted amount the intrustions that are being blocked by the firewall.
I’m concerned 1) something is wrong with my computer and 2) that I’m blocking things I shouldn’t be. Malwarebytes and Avast haven’t spotted anything.
Thanks for your assistance.
Can you show the firewall logs and tell us on what connection you are? Are you behind a router? Skype and svchost listening and wanting to pick up on certain incoming traffic is part of what they do.
For comments on the other programs I need to see the firewall logs and know on what connection you are. What configuration are you running and how are Firewall and D+ set? What version of CIS are you using?
Thanks for your time. I figured out from the D+ logs that SWL.exe was likely from a Norton Safe Web Lite program I downloaded and tried to use (but it didn’t work anyways with new Firefox versions).
I defined AvastSvc.exe as a trusted application in Comodo Firewall, but it’s the only program I’ve done that for (and it seems to be still getting blocked). I haven’t set any rules in D+. I found this on avast: Avast/Comodo and behavior shield Does it sound reasonable? I’m not sure what you mean by what configuration I’m running – sorry I’m not more savvy. I attached the logs.
I am behind a router with IPv4 connectivity. My Comodo Firewall is version 5.12.256249.2599
Please let me know if I should clarify anything else.