3.0.25.378 Incorrectly Identifies Applications, Resulting in Wrong Rules [Merged]

[Micc]

Have you tried restarting your computer and seeing if the problem persists?

Restarting my laptop doesnt help. The problem occur every day. I use cf since 10.05.08.

I think the problem start after the first time running the application that start the application "C:\Program Files\Connect.exe".

At this moment i have no problems, because i run cf mode: disabled...i hope the bug get fixed soon or i must look for a other fireewall :-(

[habanero]

I did post in bug reports at http://forums.comodo.com/bug_reports/application_rules_getting_confused_wrong_rules_applied-t24433.0.html.  Is there anything else I can do?

Habanero

[Micc]

I post my bug report at http://forums.comodo.com/bug_reports/cf_identify_applications_wrong_3025378_xp_sp2_x32-t24658.0.html.

Now we have to wait and hope 

[Ronny]

what a strange place for an executable, are you sure the connect.exe is legit and needs to be on you system ? sitting in c:\program files\ ? i've had these "mistakes" before but with different program's not always the same.

[Micc]

what a strange place for an executable, are you sure the connect.exe is legit and needs to be on you system ? sitting in c:\program files\ ?

Don't worry, me, myself and i moved the app from "C:\Program Files\Router\" to "C:\Program Files\". Just for testing how CF is acting after this action

...and what happen after moving the app? CF dont recognized that i moved the app and always show the same wrong app with the old path! How is it possible that CF identify a wrong app and this app doesnt exist at this path/folder, not really funny for a security apllication like CF!

[Ronny]

Did you try to remove the rules Firewall/D+ for the connect.exe and see what happens after a reboot ?
What kind of application is this, because it looks like some kind of intercepting proxy to sit between you browser/email and the outgoing connection ?! like a virus scanner would do, that way it's just normal behavior to use the process and build the firewall rules based on the app making the call to the socket. if you do a telnet to a web server does it also prompt for connect.exe to connect to that site ? [cmd, telnet www.website.com 80] you should get a blinking cursor on the left top.

[Micc]

Did you try to remove the rules Firewall/D+ for the connect.exe and see what happens after a reboot ?

Yes, i removed the rules for connect.exe but CF start asking me again for the wrong application. But dont forget, CF dont ask me everytime for this application when i use a application that have defined rules. I dont know what CF makes confused to ask me sometimes for the wrong app..

What kind of application is this, ...

A tool of my router to reconnect the internet connection.

[cmd, telnet www.website.com 80]

CF ask me for a outgoing connection of telnet

[Ronny]

That's absolutely true, see also:

https://forums.comodo.com/empty-t24202.0.html
https://forums.comodo.com/empty-t23793.0.html

There is something wrong sometimes (can't reproduce it...) with the recognition of the started program.

But the connect.exe sounded suspicious to me, being known to be used by malware and located in \program files\

[Ronny]

You are not alone...

https://forums.comodo.com/empty-t24658.0.html
https://forums.comodo.com/empty-t24202.0.html
https://forums.comodo.com/empty-t23793.0.html

Maybe a mod can merge these ?

[soyabeaner]

Maybe a mod can merge these ?

yes.

[Micc]

One minute ago i started "MS Internet Hearts" (have rules defined) and CF tell me that the app "avast.setup" want connect to the internet. After closing and restarting Hearts many times everything works correct and CF dont ask for the wrong application...nice bug

[Jorgosch]

Same problem here... occasionally I start Emule or utorrent and CFP identifies the process as "updater.exe" from my Avira AV Suite.

[habanero]

Any news from the developers about this bug?  It still randomly occurs on both my machines about 1x or 2x a day.  I don't want to try another firewall, as I've really got used to Comodo.

Thanks,

Habanero

[gpnx]

Well, i belive this happens because comodo don't use hash values to associated the exe with the policy. I had a post in the feedback forum about that (in little bit different light thou). Let hope the developers get it that just using a filepath do associated exe to policy is not enough.

[Kyle]

Well, i belive this happens because comodo don't use hash values to associated the exe with the policy. I had a post in the feedback forum about that (in little bit different light thou). Let hope the developers get it that just using a filepath do associated exe to policy is not enough.

GPNX!! I bet you haven't read any of this thread, just like you don't read the help other members are trying to give you!.

Read read read read read