(:NRD)
Okay, I consider myself pretty computer illiterate. I run my own computer business and also thoroughly research my software decisions. Namely, Firewall, Comodo is recognized as the most advanced in security in private reports I’ve stumbled across.
Now, I took that advice, and have persisted over the last month of heavy usage of Comodo, and I still can’t seem to cooperate with its advice. I have tried reading the forums, and trying to understand the layered structure of Comodo, but there seems to be something thats not happening for me.
Take this latest alert (attached), which just pushed my button to vent…
There are three seperate and non related processes mentioned. Utorrent does not speak with GameOverlayUI, nor vice versa. Utorrent has been told previous to remember to shut the *!$%# up, so I don’t want to see its ugly head again, I start Half Life 2 (hence GameOverlayUI.exe) through Steam, Steam got told to remember to shut the #$# [ at ] ! up too, but it’s child process seems to want to test my buttons by really throwing around my logic to work out who’s at fault. Explorer.exe, well, I thought that process was told to shut up ages ago.
http://[img]
Sorry if I sound rude, I wrote whilst frustrated. Any pointers appreciated on this.
To understand this alert lets start from the fact that utorrent is launched by explorer.exe (explorer.exe is the parent application of utorrent) Normally as you have allowed this before you shouldn’t receive alert for it except if you use GameOverlayUI.exe right? This is because GameOverlayUI.exe modifies explorer.exe using this OLE method. In most cases this is normal and should be allowed. If GameOverlayUI.exe was a malware you would receive the same alert, as the “malware” modified the parent application. You know that GameOverlayUI.exe is not malicious, but cpf doesn’t. This is why you receive this alert. In a nutshell you have an “A” application ( in this case utorrent), a “B” parent application (this is the program that launches “A”. if you click on “A” with your mouse, than the windows user interface /explorer.exe/ is the parent) and you have a “C” application which can be anything from malware to a safe program in your case its safe, GameOverlayUI.exe. If there is any kind of interaction between either “C” and “A” or “C” and “B” you will receive an alert. Try to mark GameOverlayUI.exe as a safe application in cpf. If it still gives you alerts you can turn off the OLE automation check. Sorry for not giving you specific instructions, but I am using the V3 beta now. If you are interesting in beta testing you may download it from here: https://forums.comodo.com/cfp_beta_corner/cfp_309229_beta_has_been_released-t13159.0.html;msg92210#msg92210
But remember it is a BETA, which means it may contain bugs. And it does contain some. Anyway this is the purpose of beta testing to iron out the bugs before final release.
Thanks Blas, I appreciate your explaination because I get often disappointed as well in front of the kind of alerts schitzn mentioned.
BTW, a bug related to this kind of alerts must be there anyway, because it happened often to me - and I saw this reported several times - that those kind of alerts were mentioning an application that had been closed since long time.