Blocked dll injection into browser, blocked browser! How to revert?

I don’t want to disable monitoring of dll injections, but if I block the injections into the browser, the browser is blocked from Internet access.

Two questions…

  1. How do I revert comodo, unblock the injection so the browser works again? I don’t see an option for this and the Restore button doesn’t do it.
  2. Can I stop the injection without deleting the required dll files and not end up with a blocked browser?

Seriously? No one knows how to reverse an errant decision to block a .dll injection, which subsequently resulted in the browser being blocked?

What is the point of monitoring .dll injections if…

  1. When you block the .dll injection, the targeted app is also blocked from the Internet.
  2. When you block an injection and it ends up causing an unacceptable result, you can’t reverse the decision, which means you have to either completely uninstall/reinstall the firewall or turn off injection monitoring altogether.

So in the end, what is the point of this feature? I get that you can see when an injection is occurring… but don’t you dare try to stop it permanently unless you are prepared to lose the functionality of an often used app like a browser or email client. And, if you do permanently block the injection… no way to undo that decision is provided! ???

BTW, I think it’s the same situation with COM/OLE monitoring too! Probably the same with all the Application Behavior Analysis monitored features.

[table][tr][td]I’m sorry Timogin, but every question has a 24-hour turnaround, and I believe it still hasn’t been 24 hours yet. :THNK

Just Joking ;D. Welcome to the forum. :slight_smile:

I haven’t had such alerts since v2.3, so bear with my memory. The blocked dlls should be in your Component Monitor list. Find them and click on the Allow option and then Apply button. You’ll also have to restart your browser to get it working. If it’s not there then check for any blocked Application Monitor rules.

No No! Don’t delete the dll files. As you have the correct adjective usage, required, they must be legitimate files. Such alerts are confusing at times, but the rule of thumb is to allow them if you recognize both as trusted, otherwise you experience such side-effects as browser with connectivity loss.

You can upload a screenshot of the alerts if you want. There should be an option to remember so you won’t be bothered with them again.

Thanks for the reply Soya. Sorry if it appeared I was being impatient. I had noticed the number of times my question had been read, and was surprised none of the readers had any answers.

Anyway, I’m using V3.0. I can block the .dll from gaining Internet access in the component list, and still I get the injection warnings. Because of that, I assumed unblocking them in the components list would have little effect on reversing the blocking of injections.

Right, I know better than to delete the dll files, thanks. Problem is, if I block them even temporarily, I have to restart the application (firewall, email client, etc) only to have the injection attempt interrupt once again. I don’t see the use of this feature if I can’t block the injection attempt and have the targeted app remain functional.

Given the above paragraph, I think its much more than “the rule of thumb” to allow injections because realistically, we aren’t given an acceptable alternative. It seems to me, there is no good reason one application should covertly inject code into another application. It’s certainly understandable if it has been specifically called upon to do so, such as Acrobat in a browser to read an online pdf, for example, but not of it’s own accord and without user initiated cause. I’ve never liked the idea of software phoning home and this just seems to me a way to do that covertly.

Maybe it would help if I explained an instance which is recurring…
I like the functionality of Directory Opus. To me, it is far superior to Windows Explorer and vastly more convenient. Anyhow, I can see no reason why this software would need access to the Internet by injecting its Dynamic Link Library into my browser & email client, and yet it relentlessly tries to do exactly that. I may be paranoid but I don’t want software designed to navigate through every file on my hard drive, covertly accessing the Internet.

I just want to be able to permanently block the injection attempts and still retain full functionality of the targeted apps. Why isn’t this possible? And will it be made possible any time soon?


V3 of what? CFP current release version is, and teh BETA of CFP V3 isn’t due until April 16th.

Re. Directory Opus injecting dll’s into other apps, I believe it is doing this to replace the standard file handlers supplied with Windows. Yes, it’s a very, very good application (and has been since it’s earliest days on the Amiga) but it can be a bit intrusive.

Unfortunately, I don’t know of any way in CFP to tell it to allow a particular application to inject DLL’s but warn for all other instances of this occuring. You may jusy have to tolerate Dir Opus’s injections, if you feel the application is good enough to warrant that.

Hope this helps,
Ewen :slight_smile:

Comodo Certified Database 3.0?

Yep, I guess I only glanced and grabbed the 1st number I saw. I mistook the Certified Applications Database Version for the actual CF Pro version number,

I am now able to prevent the Directory Opus injections by disabling the “Double-click desktop opens a lister” feature, and the “Replace Explorer…” feature. I have a couple members of the Directory Opus forum to thank for specifically identifying the cause.

This isn’t exactly what I was asking about, but I take your meaning.

Still wish injections could be blocked without losing the Internet functionality of the targeted application. I wonder if CFP only detects the injection after it is implemented and it recognizes the targeted app has changed… I guess that might explain why the application HAS to lose functionality until shutdown & restarted.

Anyway, thanks for the help.