"blocked application" seems not to work

After problems with a competitor’s firewall I changed yesterday to Comodo. One behaviour I do not understand and could not alter yet:
For Avira Antivirus and my banking program I set the notifier resp. update function (which are separate exe-files from the main application program) as “blocked applications”. With the old firewall this stopped the associated pop-ups, but not now with Comodo, i.e. the pop-ups appear despite the “blocked” status. I assume this has something to do with the fact that these “sub-programs” are started from a permitted main program.
My trust in Comodo firewall has yet to be established… Oh, and I deactivated Defense+.
Thanks for reading.

BTW: I have seen the similar thread in the forum, however, I cannot match the screenshots and the description of the solution with what I see on my screen.

Vista SP1
Comodo Firewall 3.5

You said you set to block these programs. With the firewall part of with D+?

At the end you say you also disabled D+ (did you reboot to disable D+?). Did you disable before or after you blocked these programs?

Hello Eric,

I use your reply to give you answers:

You said you set to block these programs. With the firewall part of with D+?

A: I do not quite understand. When the Comodo Firewall alerts popped up, I just said “blocked application” which had then no effect when I repeatedly executed the Antivirus signature update resp. the banking program.

At the end you say you also disabled D+ (did you reboot to disable D+?). Did you disable before or after you blocked these programs?

A: I disabled D+ after I blocked the programs. Regarding the re-boot: I did not reboot straight away, but have re-booted several times since but saw no change in behaviour.

Go to Network Security Policy and look up the network rules for both programs. Are they set to block? You can go there by: Firewall → Advanced → Network Security Policy.

How did you set the Firewall Behaviour Settings?

Both programs are set to “Blocked application – block all incoming and outgoing requests”

The Firewall Behaviour Setting is “Custom Policy Mode”

That’s truly odd. Let the Diagnostics wizard run to see if there is anything wrong or not. It can be found under Miscellaneous.

The Diagnostics Wizard tells me that everything is ok…

Thank you for your time anyway!

Try making other applications blocked. Does that work or not? There may be something fishy with your installation.

Good idea: I blocked Firefox and this was successful. After that I blocked Thunderbird and again it worked. So this an ambivalent result… Maybe everything is ok and the popups mentioned in my first posting come from the main programs and not from the updater/notifier!? But as I mentioned also, when I blocked the updater/notifier in Zonealarm, the popups disappeared - however, ZA doesn’t work with Firefox any more, hence my change to Comodo.

Are you using ZA and CIS at the same time? That is not recommended as it can cause all sorts of weirdness.

I am confused now. Going back to your start post. As far as I understand you have the firewall part set to block the mentioned applications. Is that correct? Are the pop ups you get from the firewall part or the D+ part? I am kinda lost.

Hi Michas I’m no expert but

go to firewall, advanced, network security policy. Look for the entry for the program you wish to block. Right click on the entry then select edit. Choose Use a predefine policy. Change it to blocked application.

Hope this helps.
Also don’t forget to set your COMODO to proactive defense configuration. Right click on COMODO tray icon, slect configuration choose proactive security. I also suggest you to turn on defense+.

From my personal experience I trust and like COMODO very much. I feel secured when having COMODO CIS up and running. Some people may not like the message pop-up of the defense plus but that how it is if you want a secure environment. At least that’s the price we have to live with until the advent of AI in personal PC. :THNK

“Arlene, create a new email, title is…”
“Arlene, when did you last run diagnotics of the system. run complete diagnostic now if you haven’t for the past 2 days and dictate to me any problems found”
“Arlene what’s the cell phone number of my nephew?” “Call him now” “Audio only”
“Arlene I’m going to take a nap. Wake me up when the first fax came in or in one hour time whichever comes first”
“Arlene I’m looking for a picture of the archangel Michael. Minimum size is 30kB. Only send me the colored ones. JPEG format only but GIF will do too”
“Arlene do a complete packet trace and tell me which countries they go through”
“Arlene with the last three years of my usage pattern, build a profile of me which includes IQ approximation, interests, social skills and a complete psychological profiling” “Guess my age based on the profile you made” " and Delete all data that you use to make my profile afterwards" “Use the result to adapt your personality to mine” “Backup your current personality in case I don’t like the new you”

I know I know it’s probably too early to dream AI in personal PC.

Of course I uninstalled ZA before the first installation of Comodo. And the popups are generated by the updater of the banking programme and the notifier of Avira Antivirus - at least I assumed this due to the previous behaviour under ZA. And I deactivated D+.

I find the many popups from D+ annoying. Otherwise I did what you are saying regarding the firewall function but to no effect: The popups pop up but other blocked applications (testwise Firefox and Thunderbird) are blocked.

If you blocked the application in firewall then there will not be any traffic in or out generated by that application anymore.

So the only logical reason is that the pop-ups that keep on showing up must be

  1. triggered by another application. OR
  2. not using traffic(TCP/IP).

In case of 1. You need to find the correct application which is causing you the pop-ups
In case of 2. You need to block that application in defense+ not just the firewall since it’s not generating online traffic.

So if you’re convinced that that particular application (.exe) is the one which is causing the pop-ups, block it in defense+ because it may be causing the pop-ups without even receiving or sending any traffic online.
But then again you wrote that you disabled defense+. But to test it just put defense+ to safe mode and block that application in defense+. And see whether the pop-ups still keep coming.

I used to use Avira Antivir free which from time to time popping up ad message to my screen even when I’m not online.

If you did the above and the pop-ups still keep on coming then there is not another explanation aside that the application(.exe) that you suspected to be the cause of the pop-ups is not the one causing the pop-ups to show.

If it turned out that defense+ blocking stopped the pop-ups from showing I suggest setting the defense+ to ‘clean PC mode’. It generates less messages. But you need to make sure that your current PC environment
is clean. Do a complete virus and malware scan with a good antivirus and anitmalware software.

I followed your advice and agree now that it must be your case 2. I blocked notifier and updater with D+ and the pop-ups are gone. This D+ seems to be a powerful tool and I’ve got to learn more about what’s behind it. For me, the problem is now solved.

Thank you, Michael and Eric, for your help!