This has been for a long time but recently it shows each day. I have Comodo Firewall ONLY mode in Custom Ruleset. Nothing else.
So the Firewall asks me if Windows Operating System can make an outgoing connection. What exactly is Windows Operating System ? And what shall i do about it, since i don’t know what application is doing what.
I’m not hacked or anything. Apparently Comodo Firewall can’t tell exactly the programm and reports a generic Windows OS.
Please help me solving this, since it seems very unsecure for me.
You shouldn’t be getting these alerts unless you are using an older version of comodo firewall. However, do you have Virtualbox or VMWare installed? Do you know if you have WinPcap installed which you can find out by opening programs & features from the control panel and look for it in the list. What about VPN software do you use any? Also which Windows version do you use.
Next time it happens can you take a screenshot of the alert and make sure you have killswitch installed so that you can get a list of all running processes and save it to a file. I’m very curious on how you are getting firewall alerts for windows operating system and being able to see the active processes at the time of the alert can help determine the cause.
I meant sandboxie the software: http://www.sandboxie.com/ the thread you linked to the user said they where getting these alerts whenever they were running firefox within sandboxie and I was wondering if you have sandboxie installed.
If you could, can you run comodo diagnostics by opening the main GUI and at the top click on the ? then to support > diagnostics. When it finishes click create report and once saved attach it here.
When CIS can not see what process is requesting outgoing traffic it will log this as requested by WOS. A driver is in the way and blocking CIS’s view to say it metaphorically. Hunting down the driver by uninstalling various programs that you know have a driver that interferes with networking can be a tedicious job.
Another way of looking at it is to see to what IP address it is trying to connect and look up the IP address using a whois service like Domain Registered at Safenames . That may give away the program requesting. Or try running netstat -a -n from the command prompt and see if that brings more insight to the table.
You can safely block system PID(4) from outgoing connections. probably either BITS, multicast (some sort of discovery service), or Windows phoning home for PC/user info. It will in no way interfere with Windows Update.
These can give you some insight ran from the command prompt as admin.