invisible application

hi - a few quick Qs…

  1. what is an invisible application - is it just one app being launched by another app to access the internet, or is there something more specific to the definition?

  2. I have a Suspicious Behaviour warning about iexplore.exe using AcroRd32.exe as an invisible application - is this warning because
    a) iexplore.exe is not safe (it’s v7 RC1, and therefore not yet COMODO-designated safe)
    b) AcroRd32.exe is being used as an “invisible” application, even though AcroRd32.exe itself is SAFE

  3. now that I’ve created an App Rule to allow AcroRd32.exe with parent iexplore.exe and misc. option “allow invisible connection attempts” - does this rule ONLY apply to AcroRd32.exe when it’s used “invisibly” by the iexplore.exe parent, or is AcroRd32.exe now going to be allowed to connect invisibly for any parent?

thanks in advance

m

Well, I am not a guru at invisible apps, but what I do know is this…Some applications will use this when transmitting information to the server to remain undetected by others. Some trojans, viruses, use this to gain access while trying to go undetected. If linked to the known parent, typically (I use this lightly) safe. You have to let things get on your pc, or off. An attack doesn’t mean it’s just THERE if you get my meaning. If you know what you have on your pc, trusted programs, etc…then once again you are typically safe. Adobe may in fact be using the invisible application to get information for updates etc…and uses this to hide the information for your benefit. Microsoft uses this as well. If there is an unknown invisible application without a parent, I would simply deny it. So to try and sum this up, if it’s coming from your pc and you have trusted applications and no known viruses, spyware, etc…then you are fine. Don’t ever allow an application to access the net or to access your pc, especially if asking for server rights, if you don’t know what it is. It’s always safer to block it, and if an application doesn’t work correctly or you can’t connect to the internet, then you know you have blocked a needed process.

Hope this helps

Paul

thanks comicfan2000

I was really hoping one of the developers could give me some specific answers - that’s why I tried to write some specific questions :slight_smile:

It is the applications not having a visible window during the startup.

2) I have a Suspicious Behaviour warning about iexplore.exe using AcroRd32.exe as an invisible application - is this warning because a) iexplore.exe is not safe (it's v7 RC1, and therefore not yet COMODO-designated safe) b) AcroRd32.exe is being used as an "invisible" application, even though AcroRd32.exe itself is SAFE
It should be because that IE version has not been included in the safe list DB yet.
3) now that I've created an App Rule to allow AcroRd32.exe with parent iexplore.exe and misc. option "allow invisible connection attempts" - does this rule ONLY apply to AcroRd32.exe when it's used "invisibly" by the iexplore.exe parent, or is AcroRd32.exe now going to be allowed to connect invisibly for any parent?

Valid only if the parent is iexplore.exe. For other parents, unless skip parent check is not selected, CPF will ask again.

Egemen

oh, THAT kind of invisible! - it’s obvious now…

thanks for the details egemem - that’s cleared that right up