[b]Comodo 7.0.317799.4142
Win 7 64 bit
Firefox 50.10[/b]
When I install anew program and it wants to connect to internet say to check for updates it asks and I decide. But it is able to connect to the ‘thanks for installing’ page without asking. How does it do this? A shortcut using firefox as firefox is trusted? Is this what they call injection? How can i make all programs ask?
Thanks
Which configuration are you using? The default “Internet security”?
If so, by default Comodo Firewall will allow any outgoing request when set to Safe Mode
To get the popup you should uncheck “Do NOT show popup alerts”.
Like this, if the program you installed is trusted by Comodo, it can freely access the web. If not, you will get the popup from the firewall
Like this, if the program you installed is trusted by ComodoWhat do you mean trusted, the comodo whitelist?
I have just the firewall i.e no av etc. Safe mode. HIPS and Auto sandbox disabled.
Too much hassle removing program from Auto Sandbox and i do not use the cloud lookup
Do not show pop up alerts is disabled. I get popups for connections except the one where it goes to the thanks for installing page
I do not use the cloud lookup. Thanks
mhmm, like this, the only option is that the program is digitally signed and the signature is whitelisted by Comodo Trusted Vendor List.
You can check this under Advanced settings → Trusted Vendors
By the way, what’s the program?
Thanks. If it is digitally signed why is it blocked by comodo when checking for updates but can get to the ‘thanks for installing’ page without asking. I do not recall the program saw it happen with a couple.
Some can also get to the ‘why did you uninstall’ page without asking i.e open that page when uninstalled
Sorry, I can’t figure out the reason, then
You have HIPS disabled and the program is most likely invoking the browser to open the website.
@future tech. I was able to block it by enabling HIPS safe mode but then got loads of alerts. How can i stop the program invoking the browser to open the site without HIPS. Is the program using browser to open the site what is called injection or what is the term for it. Thanks
http://forums.mozillazine.org/viewtopic.php?f=37&t=1886465
Second last post. How is this done in Comodo 7?
It’s called browser hijacking. You should use Autoruns, CCE or something similar to solve it. (if the case)
Why not enable Cloud Lookup? Doesn’t really make sense to me. To answer your question, for example : create a HIPS rule for Web Browsers and treat as Windows System Application. Place this rule at the top. Now, edit All Applications rule > Run an executable > Exclusions > Block : Web Browsers.
It is not browser hijacking. it does not change the home page or redirect regularly, only when updates are clicked
Ido not understand what comes after create a HIPS rule for Web Browsers and treat as Windows System Application. Place this rule at the top
Where do i Now, edit All Applications rule > Run an executable > Exclusions > Block : Web Browsers.