I talked about this topic in another post but have now spent the last 4 hours tweaking and getting quite familiar with this new version and I’m seeing some inconsistencies.
Most importantly, if I can’t change a setting and see an expected result, I can’t have confidence in this version.
My issue, I don’t want Acrobat reader from accessing the internet without me giving permission each time. I don’t allow auto checking for updates so really the only time it needs an internet connection is when I open a PDF file from the Internet in an embedded browser tab. I use Firefox almost exclusively, though in the old version this didn’t seem to make a difference. I didn’t allow acrord32.exe access to the internet and I was asked every time.
I received a suggestion that I look into a dll file in the Firefox plugin directory. I did and it didn’t make a difference what I did with it.
Note, I’m using Avast, which as you’ll see below may be part of the source of my frustration.
When I installed CFP two or three days ago I probably allowed too much to begin with. It was frustrating getting loads of popups and over 2000 files in my pending files list. In the end I had made Mozilla a trusted vendor and way too many things trusted applications. So I went to my newly trusted files and removed the two files I wanted to tweak, firefox.exe and acrord32.exe. I then removed mozilla from my trusted vendors. I removed the two files from my Computer Security Policy and Network Security Policy lists (this was after changing their settings many times with no apparent impact). I then rebooted the computer.
Assuming I was starting fresh with these two programs I built a new Predefined Firewall Policy, named Ask for Internet Access. This required an ask for any IP or TCP/UDP. I then assigned that policy to both files (firefox.exe and acrord32.exe). I then changed my Firewall Behavior Settings to Custom Policy Mode.
Here’s how I tested. I opened a browser, and was immediately asked to OK Firefox.exe by CFP. I was quite proud of myself. I clicked OK or Yes or Allow or whatever that popup asked for. I then did a google search for 2008 W4 (a relatively small PDF file). When I clicked on the file it appeared to start the process of downloading the file and then after about 5 to 7 seconds I received another popup asking permission for acrord32.exe, which in all my newfound enthusiasm I clicked OK/Yes/Allow without unchecking remember my answer. It let the file open as it should.
All was fine, I thought, with the only thing left to deal with was to tell CFP not to allow acrord32.exe access again without asking. If I could do it once I could certainly do it again, I thought. No such luck. I did see that a new Computer Security Policy was added for both files. I immediately took out the adobe file. I then saw that my two Network Security Policies had Allow Incoming and Outgoing Requests added to it. I thought this was going to be too easy to be true as I removed that entry from the Adobe file.
I keep this book short and not explain all I did to attempt to replicate what I just did, with no luck. I even imported an old configuration (from before I tweaked anything) and the best I could get was to be asked for Firefox permission but never again could I stop acrord32.exe from doing it’s thing.
While troubleshooting I was once asked to allow ashwebsv.exe permission after I took almost everything out, but once I allowed it both Firefox and Adobe were able to do their thing.
Does anyone have any ideas about what else might be lingering in there allowing Adobe particularly access to the internet when I take out all instances of that filename (that I can find) from CFP? I’ve tried it with nothing entered for Adobe and sometimes one entry for Adobe in Network Security Policy with either an ask or a blocked, with no difference. Each time it works and each time I end up with a new entry in Computer Security Policy with limited access. It does say ask in CSP for all but DNS Client Service, but even if I make that Ask it makes no difference.
I’ll give Comodo the benefit of the doubt that there is something I’m missing but to not be able to replicate the outcome from a relatively simple set of procedures makes me wonder if CFP is always doing what I expect it to be doing.
My last hope will be to uninstall and reinstall to give it one last chance before going back to version 2.
Thanks in advance,
MV