Known applications in CPF

Where can I find the list of known apllications? ???

Click the “Security” button top left.
Then click “application monitor”.
Is this what your after.

Actually no. But thank you anyway.
If I understand it well, than Comodo is scanning installed applications in my computer and afterwards it creates rules in CM for known/trusted ones.
I know where to find them after scan, but I’m interested in list/database of known/trusted applications.

They are intentionally hidden from public eyes for security purposes. Besides, the list would be too huge if you’re after the entire one.

I see. THX

If you have applications not in the safelist (ie, they don’t show up in the app monitor after doing the scan…), you may submit them to Comodo…

Right-click on the entry (that you have added) in the Application Monitor, select “send the file to Comodo for analysis.”

That way it should get included to the safelist once it’s been verified and a cryptographic signature created.


LM, I wanted to confirm something. These certified apps - with the option enabled are they:
A) Granted full In and Out network activity
B) Bounded by the same Network rules as others in the Application Monitor
C) Set with special hidden network rules (ports, port ranges, IP ranges, etc.)
D) None of the above?

The answer is…


Thanks. Too bad :frowning: I was hoping it would be C like with panic’s game rules because that would provide peace of mind. Although I trust the database, I don’t trust all aspects of some programs. For example, how do we know svchost.exe won’t someday connect out to an unrecognized port #?

Why would you want C? That would give the program complete secrecy to connect; you wouldn’t know what was controlling it… With B, you define how it connects… this is how you can limit Windows Updater, etc. Sites like firewallleaktester have readily-available info on the IPs and Ports for things like Windows Updater, etc.

With the App Monitor, you specify ports for the application/executable to use. In the Network Monitor, you limit the IP and/or Port range. For instance, instead of the default “Allow TCP/UDP In/Out Any/Any” change it to Allow TCP/UDP Out with destination Port 80, 443. You know your browser is always going to connect to remote 80 or 443, so limit it. Set another Network rule for UDP Out Destination Port 53 (for your DNS).

That way YOU have control over communications. If you don’t trust svchost, get rid of the safelist. Move your alert frequency to Medium, High, or Very High. High or Very High will cause the creation of IP/Port/Direction/Protocol-specific application rules. That makes it even easier to tighten up the Network Rules.

For your browser, you can even set specific IP addresses for the application, that you know you regularly use (like the forums…). Create another rule, for any other criteria (this is your “Any/Any”), to have it Ask you; then when the alert comes up, you can Allow without remember, if you know you are trying to open a website.


You’re right. I forgot about how this will allow more control, provided that one knows all that or takes the time to figure all that out.

Knowledge… aye, there’s the rub. But it seems to me that a 400 year old from Antartica would have had plenty of time to accumulate knowledge… ;D

Joking aside, yes, that requires a level of knowledge and understanding (and perhaps some paranoia as well). Fortunately, for those that want to tighten things up, there are a lot of resources available online. These forums, for instance…