When I install anew program and it wants to connect to internet say to check for updates it asks and I decide. But it is able to connect to the ‘thanks for installing’ page without asking. How does it do this? A shortcut using firefox as firefox is trusted? Is this what they call injection? How can i make all programs ask?
Which configuration are you using? The default “Internet security”?
If so, by default Comodo Firewall will allow any outgoing request when set to Safe Mode
To get the popup you should uncheck “Do NOT show popup alerts”.
Like this, if the program you installed is trusted by Comodo, it can freely access the web. If not, you will get the popup from the firewall
Thanks. If it is digitally signed why is it blocked by comodo when checking for updates but can get to the ‘thanks for installing’ page without asking. I do not recall the program saw it happen with a couple.
Some can also get to the ‘why did you uninstall’ page without asking i.e open that page when uninstalled
@future tech. I was able to block it by enabling HIPS safe mode but then got loads of alerts. How can i stop the program invoking the browser to open the site without HIPS. Is the program using browser to open the site what is called injection or what is the term for it. Thanks
It’s called browser hijacking. You should use Autoruns, CCE or something similar to solve it. (if the case)
Why not enable Cloud Lookup? Doesn’t really make sense to me. To answer your question, for example : create a HIPS rule for Web Browsers and treat as Windows System Application. Place this rule at the top. Now, edit All Applications rule > Run an executable > Exclusions > Block : Web Browsers.