I’m getting a lot of CPF popups like “A new parent application has been detected. Firefox.exe may be using firefox.exe to connect to the internet.” Or, “update.exe may be using update.exe to connect…” etc., where the main and parent application are the same.
Curiously, many of them also end with “This case is too suspicious.”
Can anyone explain? How does an application “use” itself, and why is that triggering alerts? And what does “This case is too suspicious” mean I should do?
I also see this issue with both Firefox and Thunderbird when I use the feature that both have of restarting themselves. For example, about five minutes ago, Firefox downloaded a new update (version 22.214.171.124) and to install it, I restrated Firefox. It is a little weird to see CPF’s alert that it is very suspicious for Firefox to be starting Firefox, because it may be hijacking itself! Just allowing it seems the only possible response to this! (R)
I believe that when updates to Firefox & Thunderbird take place, there are subtle changes to their exe’s. You should only see these popups after an update, and only once or twice each. I use both programs, and that’s what happened in my case. You shouldn’t be concerned.
I get these same warnings for Firefox and Thunderbird. When I update Firefox or Thunderbird, or when I install or update extensions. (I mean Firefox is using Firefox … and Thunderbird is using Thunderbird …)
I don’t think it has something to do with CPF, because I get exactly the same kind of warnings from System Safety Monitor. I guess that, when updating etc., in some way Firefox and Thunderbird restart themself after the first start, or something like that.
I have a feeling that CPF is rather strict when it comes to application monitoring. Remember that it is only one of the few firewalls to pass leak test? So, it is possible that any changes in the Firefox would lead to CPF issuing a warning.