Comodo not obeying Application Control Rules?

Help for v2
1

Hi All,

I just installed Comodo Firewall (2.4.18.184). I already had Kaspersky Anti Virus (not the security suite) installed. So i disabled that while installing comodo, didn’t see any conflicts there. Now when i first tried to update Kaspersky, comodo asked if it was ok for avp.exe to access kaspersky’s server (there’s a bunch of servers it uses, so that address changes every now and then) at port 80. Then i just was playing around and removed all application rules, there were only like 5 present because i only just installed comodo.

So then it started asking permission for all apps again. Except avp.exe, i could just update as if i had no firewall at all!!! So i added avp.exe to the Application Control rules again (TCP OUT, any address port 80 only) and told it to ask me permission. It did ask for permission when i tried updating kaspersky again. So then i changed the application rule to “Block” instead of “Ask”. but it didn’t block avp.exe at all. I can even see avp.exe’s connections in the Activity->Connections window.

I do realize that avp.exe could be a certified application, so i unchecked the “DO not show any alerts for apps certified by COMODO”. But that didn’t really seem to work. (:AGY)

Any solutions?

2

Ok well it looks like comodo wasn’t working as i expected. I tried using other applications to access the internet. And when comodo asks me to allow/deny an application and you don’t check the “remember…” checkbox the application can establish that same connection again without comodo asking you. At least if the application is still running. If you close the application in question and then start it again comodo will ask you for permission again. That’s kinda strange if you ask me. It should always ask for permission on every connection attempt when the “remember my answer” checkbox wasn’t checked. But that is not the biggest problem…

I discovered something when you grant an application access (temporarily, so not checking the “remember…” chekbox). While the application is connected to the internet you can add a rule to the application monitor to block that application. But if the application the disconnects and makes another attempt (same host/port) it isn’t blocked at all. You have to restart the application in question for the changes to take effect.

I don’t know if this is exptected behavior but it seems kind off odd to me.