"firefox.exe is using firefox.exe..." [RESOLVED]

Hi all,

I’m getting a lot of CPF popups like “A new parent application has been detected. Firefox.exe may be using firefox.exe to connect to the internet.” Or, “update.exe may be using update.exe to connect…” etc., where the main and parent application are the same.

Curiously, many of them also end with “This case is too suspicious.”

Can anyone explain? How does an application “use” itself, and why is that triggering alerts? And what does “This case is too suspicious” mean I should do?

Thanks very much!

I also see this issue with both Firefox and Thunderbird when I use the feature that both have of restarting themselves. For example, about five minutes ago, Firefox downloaded a new update (version and to install it, I restrated Firefox. It is a little weird to see CPF’s alert that it is very suspicious for Firefox to be starting Firefox, because it may be hijacking itself! Just allowing it seems the only possible response to this! (R)

I believe that when updates to Firefox & Thunderbird take place, there are subtle changes to their exe’s. You should only see these popups after an update, and only once or twice each. I use both programs, and that’s what happened in my case. You shouldn’t be concerned. :wink:


If you keep getting the same message over and over - even when you have not updated CPF - can you try the beta CPF and see if this solves your problem:



I get these same warnings for Firefox and Thunderbird. When I update Firefox or Thunderbird, or when I install or update extensions. (I mean Firefox is using Firefox … and Thunderbird is using Thunderbird …)
I don’t think it has something to do with CPF, because I get exactly the same kind of warnings from System Safety Monitor. I guess that, when updating etc., in some way Firefox and Thunderbird restart themself after the first start, or something like that.

Peter Zwitser


I have a feeling that CPF is rather strict when it comes to application monitoring. Remember that it is only one of the few firewalls to pass leak test? So, it is possible that any changes in the Firefox would lead to CPF issuing a warning.

Yours truly,

When a product is updated, its “signature” changes, hence CPF treats it as if its a new application and asks for approval.