I am using Delphi to develop various applications, and keep getting warnings that Delphi has changed the in memory image of the EXE. I assume I set up a rule for Delphi? Skip parent? Then is it one of items under Miscellaneous?
Thanks
Which EXE did the pop-up say Delphi had changed?
For, an individual application, the Skip Parent check is defined for each application under Application Monitor (Security tab). You can select & edit applications to change this. Alternatively, various parental-type checks can be turn off globally from Application Behavior Analysis (Security tab → Advanced tab) depending on what Delphi is doing. But, this is not recommended.
It would be best to export CPFs log to an HTML file & then to post the relevant log messages here so we can check them over for you.
Whatever EXE is being run through Delphi at that time
It would be best to export CPFs log to an HTML file & then to post the relevant log messages here so we can check them over for you.Ok, will do that tonight
Do you mean the EXE that you’re building in Delphi (ie. your own application)?
Yes, I am using Delphi to develop applications, and am getting warnings that Delphi has changed the in memory image of the exe for that application I am developing in Delphi (not on that PC, not sure of the exact wording).
OK & no problem, we can wait until you post the relevant CPF log entries later.
attached
[attachment deleted by admin]
G’day,
I think the alert is telling you exactly what the issue is - delphi is modifying the in-progress EXE. You could try creating an application rule for your in-progress EXE, but also clicking on the MISCELLANEOUS tab and enabling “Skip advanced security checks”. If the pop-ups still occcur, try also selecting “Allow all activities for this application”.
Hope this helps,
ewen 
I am quite aware what the issue is, it is how to fix it I wanted to know. I created a rule for this exe, and used “skip advanced…” but it still issues warning each time. I then used “Allow all…” and still warnings.
[attachment deleted by admin]
Well, I’ve set up a rule for Delphi with “Allow all…”, another rule for the EXE also with “Allow all…”, have said remember my answer, and I am still getting a message every time. What exactly does “allow all…” do, as it does not seem to allow all?
The problem, as I see it, is that you are presumably constantly changing the program as you develop it. So, even if you tell CPF to Allow & remember it… when you subsequently change it, then CPF will detect that change & display an alert again. After all, that’s what CPF is meant to do.
Does that make sense?
So am I the only developer using CPF or am I doing something wrong? Usually firewalls have an option to just check a known program by reference to its pathname and ignore checksums - I know this introduces a risk, but in my opinion so also do a lot of messages that aren’t necessary and can develop a mindset of just closing warnings.
CPF don’t do that.
And you’ve said that corectly. It will introduce a greater problem.
In another point of view; CPF stand for Comodo Personal Firewall.
Which in it’s core purpose, is to solely defend the user’s personal computer. Thus’ it’ll need to make sure the innocent user gets fully protected from any intrusion they may get. …and that’s including the apllication’s checksum check.
If you decided to take it to another level, than you’ll have to sacrifice some of your comfort feel into it.
At any rate, you can try to raise this issue to the wish list.
I think you might have misunderstood my post. I was trying state what I thought was possibly happening, given what you had said & then… not very clearly… asking you if that fitted the facts as you saw it.
I made that post because I felt that, potentially, Delphi was not the culprit for the pop-ups at all. Since all the focus seemed to be on Delphi, I first wanted to make sure that I had understood what was happening. As I was beginning to suspect that the rules should created for the applications that you were creating (GDay & Backup) rather than Delphi. If you had confirmed what I had laid out, then I would have suggested creating rules for GDay & Backup or adding them as Trusted Applications and also trying the “Allow all activities for this application” option for them to see if that helped.
I’m not saying it would have helped, since I’ve not tried it myself & CPF’s Help didn’t give any details on the option, with regards to changing checksums. So, you might have ended up adding a wish to the Wish List anyway. But, that is where I was trying to go.
I apologise for any confusion that I may have caused.
Hey alycat,
I was only pointing these options out in case you hadn’t tried them. The reason I jumped straight onto these two options is that when I am forced to dirty my hands in code ;), I was getting the same thing. Setting these two options fixed the issue, but I wasn’t coding in Delphi.
I’d recommend lodging a support ticket on the official support website - support.comodo.com.
When/if they give you an answer to this issue, can you pleqase post the result back here, in case someone else has the same problem.
A friend of mine in The Netherlands is a Delphi developer and was applying to be a Comodo SSL reseller. I’ll drop him a line and see if he’s come across this before. IfI get any info from him, I’ll post it back here.
Cheers,
ewen
No problems, I just jumped in a bit quick, I was just getting tired of ok’ing message after message.
I have tried setting up a rule for Delphi and allowing it everything I can see, and also setting up a rule for GDay and again allowing everything I could see, all to no avail. What makes it worse, Delphi is running on desktop #4 and Comodo only displays on the first desktop (I am running multiple virtual desktops).
My previous firewall had an option to not use checksums on known (and changing) programs, but it is like everything I guess, it is just so hard to get one piece of software that does everything the way you want (GDay is my email client, I couldn’t find one that satisfied me (:LGH))
hhmm, ok, did you set a rule up for the exe or the developing tool or both? Thanks
When programming in CAP, I have to set up rules for both, as CAP writes out the code to file and holds a copy of the in-progress EXE in its own memory space for system referential calls, but executes and debugs the in-progress code in an internal space.
I haven’t heard back from my friend yet. Hopefully sometime over the weekend.
cya
ewen