.bat file ignores firewall / HIPS rules

I tend to run a couple applications via a batch (.bat) file linked from the quick launch panel (win7) after I’m done booting up:

tasklist /nh /fi "imagename eq thunderbird.exe" | find /i "thunderbird.exe" > nul || (start "" "<PATH>")

I’ve created a HIPS rule for the .bat file itself with everything set to “allow” and a firewall rule set to “allow all incoming / outgoing”. Individual applications run by the .bat file have their respective rules in both places as well.

HOWEVER, ever since a comodo update a couple months ago, I’m getting HIPS/firewall warnings for EVERY application in that batch EVERY time I run it:

Dropbox.exe is trying to execute Dropbox.exe
thunderbird.exe is trying to connect to the internet
thunderbird.exe is trying to install global hook MSCTF.dll

It only happens with the batch file, launching the applications by hand doesn’t trigger any warnings . Also, using the “allow / treat as + remember my answer” options in the popup doesn’t solve anything.

I must be doing something terribly wrong. Any suggestions very welcome.

What does the alerts say in the description for each application that generates an alert? Does it indicate that the application is unrecognized? Check file list to make sure they are rated as truste. Btw I had no issues when using your bat script.

I’ve attached some of the warnings. Interestingly, when I ran the .bat file today after using my computer for a few hours already (as opposed to running it soon after booting up) no warnings showed up. When I restarted and ran it immediately, they were back.

Not sure what you mean by “Check file list to make sure they are rated as trusted”, but for example thunderbirdPortable.exe has a HIPS rule of “Installer or Updater” and thunderbird.exe is set as “Allowed Application”.

This file list which will indicate the rating. From the alerts it looks like they are not rated as trusted.

Didn’t know about the file list, but all the apps are there as trusted (a screen of thunderbid attached).

Further testing seems to indicate that if I open firefox first thing after booting up and browse for a bit before running the batch, there are no warnings triggered by the batch. If, however, I run the batch before running the browser, they all pop up even if the same amount of time has passed between booting up and running the batch. Haven’t tried with applications other than the browser yet. Any idea what could be causing that?

EDIT: it is not limited to firefox; using the computer for a while after booting up and before running the .bat leads to no warning messages; running the batch immediately after the computer’s done booting up = warnings

Maybe try a clean re-install with the new version as I don’t see any alerts when I run the bat file as soon as the desktop is loaded.

A status update:

The new update made my system unbootable, had to use the comodo removal tool from safe-mode.

A clean install after that did help a bit - now only dropbox generates the startup warnings (no idea why, it’s marked “trusted” just like all the other apps). Almost any app will (or won’t, it’s a bit random) generate warnings if ran quickly enough after boot, however (e.g. chrome).

A new, more serious problem appeared with the new version: many games (factorio, random games off itch.io etc) now die with a black screen on startup when comodo tries to show a warning and the system just becomes unresponsive and needs a hard reset. It’s solvable by marking the game executable as “trusted” upfront, but who wants to be required to edit firewall preferences prior to launching every new application.

What the hell has been happening to this software lately :smiley:

I’m not very firm in comodo but could it help to start the programs as a administrator? Sometimes it was so when I started a program in this way but do not know if this is a problem of CIS in my case. I don’t think so.
I have severeal settings depending on what I want to do. Should there be any problems I load a ruleset minimalized in protection - not 0-protection!
The most frequently used set of rules is very districtive because of online-banking a.s.o. Perhaps too districtive.
Futhermore I don’t install many programs as games, auxiliary tools, screensavers although I use I have two tools.
At last I have a backup only of comodo : settings, installed files so I can restore comodo in a couple of minutes if there goes something too wrong, and I have exported all my rulesets.
I don’t know if that helps you. Everything I do on my computer works: several software for EBV, I-Net, virtuel keyboard, audio software (if I need it), television a.s.o.
Oh yes, I also have a batchfile (.bat) linked on the desktop and it runs.
Some problems seem to be very complex and deeply anchored than to be solved with ease. Not even Microsoft could help me lately (not such a serious windows-problem for me ) with remote maintenance and advised me to reinstall Windows, but this was not necessary.

Perhaps you can find here some help - I didn’t do anything with it by now and therefore don’t know if this touches your problem:
6.6.2. File Groups
Look for “File Groups” in the manual. In the Advanced Settings File Rating/File Groups: