Comodo Firewall Warns Me Several Times About Frefox, WLM, etc. [Resolved]

I’m having a problem with Comodo Firewall Pro v2.4.In fact this is not only my problem, i know that many people suffer from that.
Sometimes Comodo shows warning messages to well-known programs such as firefox and windows live messenger.It says “firefox trys to connect to internet…”.Although giving permission and marking “remember” box, the same warning appears some time later.
This is the one of the warnings:

P.S.I’m using comodo with default settings and there is no other firewall installed on my pc.

I am getting the same thing with firefox. Every day it asks me anywhere from 2 - 80 times whether or not I want to allow firefox to access the internet. (:AGY)

gudu: welcome to the forum.

** FAQs/Threads - Read Me First **:

[b]OLE Automation Alerts[/b],4728.msg35532.html#msg35532,4875.msg36088.html#msg36088,5207.msg38857.html#msg38857
[b]Constantly Same Alerts / Doesn't Remember Rules[/b],6908.0.html

Thanks for your useful guide.

I just turned on component monitor form ‘learning’ and clicked the “skip loopback(127.x.x.x)TCP connections” checkbox.
Something attracted my attention relating to one of your messages in the last link.You advised to remove many rules from “application control rules”.I’ve plenty of rules there so removed some of them(setups) because of your advice but i wonder if it’s harmful not to remove unnecessary rules from there.

What rules were they and on which applications? Any executable that’s not in CFP’s safe database and not allowed in Application Monitor by default is not granted internet access at all.

I mention this:

Your Divx Installer should not have a rule because it should be a one-time occurrence that it needs outbound connection. You should remove that rule. Also delete the TCP/UDP In rule for Firefox because it doesn't need that. ............. I remember that IE is a certified app, so if the parent for one of your App Mon TCP/UDP Out rules is explorer.exe, it can be deleted
I have many rules(most of them allow) and don't know it's needed to remove some of them.

Oh those ones. If anything, my suggestions can only make the rules safer.

So i don’t need to edit the rules but it’s better to do, right?

I would assume so. If you want to be sure you can post a maximized screenshot of your Application Monitor rules.

I want to be relaxed so this is the application monitor rules’ screenshot :slight_smile:

Curious: why are there 2 instances of AcroRd32.exe and one of them has no icon? From my own ruleset I recall that those without the icons usually mean they’re outdated executables or CFP rules that can and should be deleted.

The real concern is why you have such a long list of Firefox rules. Unless you have that many number of programs that launch it as the parent executables…Also, I assume you don’t run a proxy server, otherwise you wouldn’t have enabled the skip loopback connection checks per your above post. That being the case, there’s no need for any incoming connection rules for Firefox or any browser - so delete those.

explorer.exe shouldn’t need internet access at all. I recommend to block in and out on it.

msiexec.exe - this executable should only require outbound access as one-time occurrences only. There shouldn’t be a need to allow them in Application Monitor. The fact that you have them in Application Monitor must prompt me to assume you enabled the “remember” option on the alerts. This option should only be enabled on programs that you know for sure would need or don’t need internet access from hereon.

You have many other programs I don’t know about. This could go on…hopefully you catch my drift on the type rules that should be created or not on different uses of programs.

There are 2 instances because i updated adobe reader so the one with icon is the updated adobe reader, the other is probably the old one.I’ll remove the old one :wink:

Yes i don’t use any proxy server.So i’ll remove incoming firefox rules but it’s still suspicious why there are so many firefox rules as you pointed out.

You said explorer.exe shouldn’t need internet access but there is a paradox why there is such a rule.It’s obvious that explorer.exe tried to access the internet so comodo detected this and created a rule.Interesting…

Let me repeat: BLOCK explorer.exe. Trust me on that. I had some programs that tried to use explorer.exe to connect to the internet. Explorer.exe is the primary parent executable for almost all applications in Windows because it’s the shell itself. However, it can also act as a browser similar to iexplorer.exe, but why would it need to do this? If you read the other thread I linked above you’ll see most people agree.

The only person who knows why you have so many FF rules is yourself because I can’t see the description details in your screenshot. I bet either there are different parent executables starting it for each rule or you changed the default Alert Frequency from Low to something higher.

Ok Soya i understand what you mean clearly.

My problem is now solved thanks to your advices.
Thank you so much 88)


If you need to open this thread just pm any available moderator.