Items NOT CAUGHT by Comodo

I installed the firewall 3 days ago and over this period I have updated my security software. The following 3 programs were not caught on any of the updates by Comodo and were allowed to pass through without warning.

Spybot SD - SpywareBlaster - Ad-Aware se (personal).

If these three items are accessing the net with indication or asking permission how many other are doing so.

There are also 2 instances of msimn.exe (Outlook Express) showing in the application monitor, as well as two instances of avgemc.exe (AVG -Free - E-mail scanner)

Before uninstalling Comodo and re-installing a reliable firewall I will wait for an explanation of this behaviour

I have just found out why there are two instances of msimn in th eapplications list. I use a free version of MAILWASHER (an older version that allows hotmail checking|) and this puts the second instances into the list as well as the mailwasher its-self.


These applications are undoubtedly in the Comodo database of known applications.

There is an option in CFP that is enabled by default - “Do not show any alerts for the applications certified by Comodo”. This is found under SECURITY - ADVANCED - MISCELLANEOUS. If you turn this OFF you will start gettting more alerts. CFP contains a database of over 11,000 applications that have been certified by Comodo and the firewall will automatically create the correct rules for these applications dynamically.

It is quite possible to have more than one instance of an application in the Application Monitor, as CFP doesn’t just look what applications are started, but also at how they were started and what started the initialization of the application. An application started from a desktop shortcut will have explorer.exe as its parent. The same application started from an alternative launcher (like Rocket Dock) will have a different parent and this will cause another rule.

Hope this helps,
Ewen :slight_smile:

I hate to sound negative, but you’re worried that Comodo is allowing Spybot S&D to connect to the internet?

I mean, that’s like being upset over…
You know, I can’t actually think of any cogent similie for this… Oh! It would be like hating linux because you can run it on a 486, or hating Apple because they don’t crash twice a day. Do you also complain that WinXP doesn’t give you the BSOD frequently enough?

I know that Spybot and Ad-Aware are top-rated programs, and I use S&D religiously… I know that the other two are long-trusted apps with proven technologies.

I find it hard to believe that an honest forum member would complain about those three programs being able to update themselves. Spybot S&D is the foundation of a lot of people’s computer security choices.


I understand your desire to know that your firewall is secure, regardless of the applications involved. Rest assured that if one of these safelist applications were to get hijacked, you’d get an alert based on Application Behavior Analysis, or ABA (Security/Advanced), letting you know that something undesirable may be happening.


PS: Just don’t turn off ABA! :wink:

I had just installed Comodo firewall and was\am new to the way it runs and on how it behaves. My concern is that ANY program was\is connecting to the net without (my) permission. It makes no difference that the mentioned programs are trusted and reliable programs it was\is the fact that they were doing so WITHOUT my permission. My concern was that if they had the abillity to do so then other undesirable programs might\would also have this abillity. For anyone (IMHO) to accept ANY program connecting to the net in this day and age without prior specific permission is stupid. :-\ (I mean no offence to you with that last statement :-*)

I will over the next few days\weeks be posting questions, that in your opinion are possbily stupid or nonsensical but are of concern to me. I have reading difficulties and need to ASK questions (this has taken me years to learn). It is only by my asking these seemingly stupid questions that I can learn, and the trust that I will eventually (hopefully) have in the program (any program) and forum members can only come when I have used the program and asked the stupid questions and recieved clear replies.

Panic & Little Mac
Thanks for the explanations. I will re-install the Ghost image with Comodo in it and have another look throught the settings.


Here’s a great place for you to start:,6167.0.html. This is a compilation of tutorials/explanations about CFP and various functions/application rules, etc. These are all copied from the original topics, so that there’s no back-and-forth comments/questions, etc, to make it easier to read through. Each item has an embedded link to the original post (this is where you can post relevant questions). The first post in the thread has a link to a compilation of FAQ links, broken down by topic.

If you can’t find a relevant existing topic for your question, you may certainly start a new one. At any rate, ask away; we will do our level best to answer in a way you can understand easily. :wink:


Little Mac thanks for the link, I will read it later today (:NRD)