This is my first post. I’ve previously used Outpost firewall, which I was quite happy with. Since Comodo offered a free alternative I was very much inclined to try it out, though.
I’ve been using the firewall (3.0.25.378 on Windows XP SP3) for about a week now and I’m quite impressed with its abilities, not the least the philosophy behind a firewall module combined with “Defence+”.
My question is this:
When I run an application dependant upon explorer.exe, CFP presents in its popup window a notification that the parent application “explorer.exe could not be recognized”. In the “Computer Security Policy” within Defence+, there is an application string designated “%windir%\explorer.exe”, which implies to me that explorer.exe is indeed very well known and recognized by CFP (set to custom policy). To me as a user, when trying to run a perfectly legitimate process like sol.exe (Microsoft Solitaire) for example, I am lead to believe that Comodo doesn’t recognize the parent application explorer.exe. Shouldn’t CFP really recognize the most basic and important executable (explorer.exe) of the Windows XP operating system (especially if it’s added to the Computer Security Policy-list)?
I’m a bit confused here and I’ve searched the forum for answers to similar questions, but I simply do not understand the answers given previously. Please help me out in solving what I should really do in order to stop Comodo from telling me that explorer.exe is “unrecognized”.
Best regards (and really looking forward to CAVS3),
Banjan
Sweden
Yes, But it’s actually going to point a to point b in the memory process…
This creates More Security for the user… as well more “Trust” into them own selfs to say yes
or no to a program…
Well, I only have one explorer.exe on the harddisk and the same one running residually in the memory (as shown in the task manager). I’m sure CFP “whitelists” Windows explorer, so that’s why I’m a bit puzzled as to why it would turn up as “unrecognized”.
Yeah, that’s what I’m getting. Although CFP says explorer.exe is an unknown application. I mean: the explorer executable is probably the most common .exe in the world…
All of this might be perfectly valid, but I think it’s a bit odd that CFP would not recognize explorer.exe.
Do the alerts come every time you launch a program? Also, try changing it to the actual path of explorer and see if that makes a difference (e.g. C:\Windows\explorer.exe)
i get this but only for new programs i install but if you are getting it all the time that is strange indeed. i would do what soyabeaner suggested and see if this help.
Ok, I think I’ve figured out why explorer won’t be recognized. It’s obviusly not because CFP hasn’t ever heard of an .exe called explorer; rather it’s probably because the individual application I launch hasn’t previosly allowed any process or program (in this case explorer.exe) to start it.
And explorer.exe “isn’t recognized” because it’s not yet added to the acces rights (“run an executable”) of the program it tries to launch.
All this might seem really trivial, but I was under the impression that CFP didn’t know at all what explorer.exe was. Instead it was unrecognized by the application I tried to run.
I think a better popup notification would be “explorer.exe is a safe file, but has not been allowed access to blahblah.exe (or whatever program I’m launching). Do you want to allow explorer.exe to run blablah.exe?”. I’m sure Comodo developers have a good reason for the current phrasing, though.