Attached is a list of blocked applications that I have set to ‘allow’ when the notification has come up. I would thought that would be enough but CFW is still blocking them. I have also been into the HIPS section and changed each of the items from ‘custom ruleset’ to ‘allowed application’.
What do I need to do to make these elements work and what should I do in future to avoid this situation? Am I doing the wrong thing by clicking ‘allow’?
I’m also experimenting to see if ‘safe mode’ or ‘clean PC’ makes a difference.
One major annoyance is when I open wordpad. The program opens fine and expediently and I start typing but the program then freezes for about 7 seconds until comodo is finished doing whatever it’s doing. Again, it’s set to ‘allowed application’.
I’m also having a problem every time I open a webpage with flash on it (eg: youtube for example). So the opening of flash is also causing a problem.
Thanks for the response, I agree, it’s unlikely to be the firewall. Is there another forum for the HIPS section of the software? I can’t see it if there is
It looks like plugin-container.exe and FlashPlayerPlugin_13_0_0_182.exe are not in Trusted Files. That would explain why you get notified when you start them.
Thanks but my issue is comodo not remembering allocations.
If I set a program to be an ‘allowed application’ comodo will still create alerts and reassign the program as a ‘custom ruleset’.
I don’t understand why, when I set a program to be allowed it isn’t allowed. Surely if I say the program is ok comodo shouldn’t ask me anything about it again?
I’ve got wordpad to stick as an allowed application but there’s still several seconds to wait when I open the program. How do I stop this because it is driving me insane.
Some other programs won’t run unless I disable comodo completely, eg: exit the program.
The update has been a nightmare for me, it just seems like comodo doesn’t work anymore and is doing its best to not do what I ask of it. If it’s user error please let me know.
So you run a new program, comodo says ‘hey, what do you want to do about this?’ I say allow and I then allow all the further notifications. I go into the hips section, highlight the program in the list, click edit and change it to an allowed application or even a windows program and click on OK. Surely that should be the end of it?
Can you make sure plugin-container.exe and FlashPlayerPlugin_13_0_0_182.exe are in Trusted Files? Does that make a difference or does the problem persist?
Can you try importing a factory default configuration and activating it and see if that helps. The factory default configurations can be found in the CIS installation folder.
If that doesn’t help then the various symptoms suggest your installation of CIS could be damaged. Please try reinstalling CIS and follow Most Effective Way to Reinstall CIS to Avoid/Fix Problems by my colleague Chiron. It will provide a reliable and clean starting point. Hopefully that will fix your problems.
I had a similar prollem with those very identical files, e.g., plug-in-container, Flash plugin, among others. I was amazed that CIS didn’t recognize these particular files - especially - among others; it would seem that plug-in container is foundational to CID at least (maybe not if they’re specific to generic FF or Chrome).
I resolved the issue by manually moving these files into the trusted zone ASAP. Or when the isolate alert appears, click don’t isolate this again.
As far as ‘allow’ when the pop-up occurs, it won’t remember that unless the ‘remember this’ box is ticked. Then it creates a HIPS rule for the application with the specific circumstance included in the general rule for the application. Any other circumstances WRT resource access name events will generate another alert for the specific circumstance regarding the specific resource access name.
Another global panacea is to select ‘treat as’ and select ‘trusted app’ (or sumpin’) + ‘remember this’ and it creates a HIPS rule with the specified default generic ruleset.
I’ve discovered that ‘remember this’ is very processing intensive. So SOP for the most part is to allow + ‘remember this’ for the first instance of a resource access name alert for the initial start of any arbitrary app. Then I untick the ‘remember this’ and just click through the alerts ‘allow’. Then I go into the log, and manually update the rule that was initially created with all the resource access name entries in the log. When O.K. is pressed in Advanced Settings, the whole gamut is updated at once. This is a very nice feature in v7, whereas in v5.12 you couldn’t modify / maintain Firewall / D+ rules simultaneously.
This really facilitates updates to various components, e.g., Java, Flash etc., where alerts can be a mixture of FW & D+ Once the process progresses to where a UI appears awaiting input, I just leave it sit there, and then maintain the FW & D+ rules according to the logs and then click O.K. and it updates CIS everything at once. Then I click the applicable ‘continue’ button in the offending app. 9 times out of 10 it continues to run w/out a hitch after that. And usually after that, the app won’t alert for anything after that except the isolated additional file / folder it needs access to or execute permission.
Thanks, I completely uninstalled comodo and used the removal tools (twice!).
It’s still not behaving as I would expect, comodo will raise a prompt asking what to do with a new program, I say allow (the remember box is always ticked btw). Then I’ll go into and manually change the program to an ‘allowed program’. The next time I run the program I get a prompt asking what to do, I say allow, again and the ruleset is changed to ‘custom ruleset’.
In a separate issue a program is in the trusted files section and comodo still won’t allow it to run. Even if I exit comodo the program it still won’t run, it’s only when I uninstall comodo that the program functions as it should.
I’m not a stupid or tech ignorant person but this one program is obviously beyond me. I used the previous version FOR YEARS without a single issue and I don’t understand what changed. The previous version remembered all of my allocations and behaved accordingly. I still don’t get why, when I’ve manually assigned a program to be ‘allowed’ it’s not the end of it.
Yea this is annoying. I too have hips not remembering selections.
I found the trusted ruleset in hips has ‘run an executable’ as ask, so you can set it as trusted, and then it would be set to custom if it ever calls another executable. This has changed from previous version iirc.
i really don’t see how uninstalling/re-installing a program can fix a bug! 88) is there really an issue (persisting through version updates) that is continuously corrupting saved data or registry entries?
especially considering the painful procedure with that unofficial uninstaller, time it takes, and its massive download size.
i have never seen an antivirus + security company recommend to remove its product and run UNSIGNED and UNTRUSTED CODE to get it working again LOL (no offence btw)
Umm what are you downloading, the uninstaller is .bat script file and is only like 100 kb big? If your using the Comodo Uninstaller (label setup.exe for some reason) that is not recommended to be used with CIS6/7.
Here i had a problem too with HIPS. One at a sudden an .exe file of a game wasn`t trusted anymore. It costed to me much time to find out. I had such a problems in the past too with the firewall and sandbox. Comodo keeps surprising me…
was referencing the installer, which is unnecessarily sized at around 200MB-
AFAIK the installer actually creates a folder, in which it populates with the latest versions of installation candidates (C:\ProgramData\Comodo Downloader*). most internet downloaders are not much bigger than a few MB…
but to my point: anybody who has ever spent any time using the *nix platform, usually understands just how dangerous unsigned and untrusted code can be. and batch scripts are no different. this is why most internet downloaders check a MD5 and SHA1 hash against the target, to ensure there was no change from the original, either on the server, OR while in transit.
what makes it more dangerous in this case is that, during the uninstall phase, you are actually removing your internet security application. you have no protection. then you execute the untrusted code?
and its not that i don’t trust the uninstaller or the guy who wrote it either;
it’s a very real phenomenon that web hosts, cloud servers, and other online file storage mediums get hacked. generally the “bad guys” inject the untrusted code with backdoors. this has happened to many many mirror sites over the years, including popular downloading websites, and even *nix download repositories.
there is really no reason why the installer cannot keep a detailed list of everything it has installed, and properly remove it when cleaning up. the only other method i can think of is to install COMODO Program Manager, and let it monitor the install. which is absurd.
See if the HIPS rules you made are underneath a rule called “All Appcliations”. If so move them to a place above the “All Applications” rule. Now the HIPS rule you made should be followed.
By default CIS will put HIPS rules underneath the “All Applications” rule. It will then follow the rule set by the “All Applications” rule and not your rule.
In case of doubt disconnect from the web for the time being.
there is really no reason why the installer cannot keep a detailed list of everything it has installed, and properly remove it when cleaning up. the only other method i can think of is to install COMODO Program Manager, and let it monitor the install. which is absurd.
You've got a point. I am sometimes wondering if making an installer is being regarded as a less desired type of job in an organisation and as a consequence there is high rotation of employees resulting in an inconsistent user experience. :-\
I got around this problem before by manually going in and deleting everything related to firefox, then I got a prompt asking what to do and it was fine after that for some reason.
I’ve done the same with waterfox but when I open the program I get no prompt, it just opens. There is no reference to waterfox anywhere within comodo.
I do not understand this program, I need someone to tell me how it works because it seems entirely random. If a program is in the trusted files section and has a rule that states it is an allowed program that should be it right (and yes, all rules are above 'all applications). Conversely, if I remove all references to a program comodo should ask what to do with it right?
Seriously, this has been driving me mad for a month. What am I not getting here?
If that fails try creating a clean profile using the -profilemanager switch (ie. start menu > run > firefox -profilemanager) and disabling all addons and extensions.
Thanks aim but I went through all that the first time round when I first installed the comodo update, the problem wasn’t firefox it was comodo. I somehow managed to find the magic combination that made FF work but I can’t replicate that this time with waterfox.
I just want to know how to make a program work with comodo
