Hi guys I was hoping you could give me an idea why my firefox is getting blocked while it’s working without any problems. The only remedy I found so far is restarting firefox but it’s not really practical.
I get the following in log:
Date/Time :2007-11-01 23:33:41
Severity :High
Reporter :Application Monitor
Description: Application Access Denied (firefox.exe:82.xxx.xxx.2: :dns(53))
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\explorer.exe
Protocol: UDP Out
Destination: 82.xxx.xxx.2::dns(53)
Details: firefox.exe contains the component 㩄卜偕剅湁楴灓睹牡履䅓卓䡅䐮䱌 that is defined to be blocked.
2 places to check for anything blocked: Application Monitor and Componitor Monitor. If it’s AM then delete that rule(s) related to Firefox. If it’s CM then you have to allow the item(s) and click on the Apply button to save the changes.
well that was quick response thx. My problem is that the browser is functioning and the rules are ok but frequently is getting block for no apparent reason plus firewall doesn’t ask 4 any new component I just get that weird thing in log:
Details: firefox.exe contains the component 㩄卜偕剅湁楴灓睹牡履䅓卓䡅䐮䱌 that is defined to be blocked.
Meaning there are no alerts by CFP at all just before Firefox is blocked ??? That’s strange. Curious: when CFP was installed, were there any other security software running?
Just AVG freebie though I don’t see how it can be related. Do you think erasing the rules could get me rid of this weird hick up? The funny thing is there is almost nothing blocked and there is no visible component related with firefox
Exactly. That’s why it’s strange. Reason why I asked if other security were running is because we’ve seen lots of strange reports of unexplainable issues, and sometimes it’s due to those software interfering with the CFP installation.
If deleting the rules and then restarting Firefox doesn’t work try to reinstall CFP (delete any remaining related registry keys after uninstall) in Safe Mode.
NOTE: This seems to only work for CFP 2.4 and not v3.x BETA.
Using CFP for more than a year. Today, couldn’t use Firefox or IE to access internet without turning off CFP. Here is log. Look at the only HIGH severity event. No idea what the Chinese (I think) phrase means. Tried google and babel translator without success.
If you need captures of Application and Network rules, let me know. BTW, all entries in Component monitor are allowed.
Nag: I moved your topic here because you have the same issue as aypnoia. Yes, I also agree that those are Chinese characters and I don’t know what they mean. See if the above suggestions will help. I also noticed that your High severity entries reference the loopback address 127.0.0.1. Did you enable the skip loopback option yet? A screenshot (maximized) of your Application Monitor rules would help.
PS: I removed your log posting and replaced it as a text file because it was a bit long. Don’t mind me for being organized (:NRD)
Well, your rules could use a lot of re-organizing and down-sizing, but I’m not going to question your setup as it won’t address your main issue here. As far as I see, there is nothing in those two Monitor modules blocking your browsers.
It boils down to 3 suggestions from me:
Clean re-install CFP (removing any traces after uninstalling) in Safe Mode
File a ticket [at-bypass] http://support.comodo.com and reference this url to them, including the fact that a forum moderator directed you to do so
Something to try, when a block occurs, is to run “netstat -anobv” from an command prompt. It’ll take a few moments to complete, and will take a snapshot of all open ports, controlling processes, and their component chains.
An alternative is to download “tcpview” from sysinternals.com (which will redirect to the microsoft.com web page), and use that tool for somewhat more dynamic tracking of what’s going on.
Well, I think it is a little OT, but if you insist:
Firefox (and perhaps other programs) does not need an incoming rule allowed. This is a common “error” I see when members post screenshots. Unless you’re running a proxy server, I suggest that you disable loopback checking by enabling the Skip TCP / UDP Loopback check option. That’ll eliminate some of the rules in Application Monitor.
Edit: After examining how dangerous your Network rules are :o. You have about 5 or 6 rules there that practically disables the firewall by allowing everything in & out on TCP & UDP. See your PM I’ve sent…
One other thing. Firefox has a configuration called “Safe Mode” which is accessible from the Start menu. In “Safe Mode”, none of the add-ons or plugins are loaded and the browser runs in its default configuration. It might be worth loading it that way in order to determine whether it’s one of the add-ons which is causing the problem. There’s a list of problematic extensions here: http://kb.mozillazine.org/Problematic_extensions
4 “dances”. cu