Program allowed without any rules set.


I have the latest Comodo running with Defense+ & Firewall set to Safe Mode, No AV, Sandbox is disabled. The following program, once installed will run completely free, not a single popup from the firewall, not a single popup from the defense+ module.

P.S. My “Trusted Vendors” list is slimmed down to the Microsoft, Comodo, and Realtek specific ones, so it cannot be a case of an auto-trust rule, since all related settings under Defense+ are switched off.

I configured Comodo to popup as much as possible and to be as strict as possible.

However, when i double click the program’s icon on the desktop, it can do whatever it wants without any popup from Comodo.

Please, what’s wrong here ?

HostsMan Download Link : HostsMan ·

Just to add, the same thing occurs for this program :

Windirstat : WinDirStat - Permalinks to downloads and other content

Not a single popup, after the program is installed.

Please make sure the box in the image below is unchecked. Also, are you running Avast 7?

[attachment deleted by admin]

Hi Radaghast,

That box is unchecked.
I don’t use Avast, my main AV is Panda Cloud Antivirus free.

… I remember i had the same thing with those 2 pograms happening before i complete reinstalled Comodo a good 6 months ago, so i think it’s not a configuration program but something being misinterpreted as trusted, allthough the vendor is not in my “trusted vendors list” and both programs are not in the “Trusted Files” list.

Windirstat is listed as safe when I tired to submit it.

In addition to the Trusted Vendors list, there is an application whitelist that the user has no control over. If you are running in Safe Mode, you still have whitelist functionality.

Hmmm, interesting. I never knew that, and probably not many other people. :wink:

I have Hostsman 3.2.73 and had been using it for quite some time. I stopped running it a couple of months back due to the web protection afforded by Emsisoft Anti-Malware and Malwarebytes which I also run in real-time…

…however, my point is this…after reading your concerns, I just opened it to try to download and update one of the subscriptions I had used with it.

Upon making the request, Comodo popped up and asked me if I wanted to allow the connection.

I declined the connection and that was that.

I realize that this thread is in the D+/Sandbox side of the house, but can you explain what the program is doing in the absence of connecting out?

By the way, I have the firewall set to “custom” with the option ticked to “create rules for safe applications”. This was suggested to me in another thread when I asked what settings needed to be applied to be given the option to allow or block new outbound connections. (I’ve only been running Comodo’s firewall for the past couple of weeks.)

I wonder why , first, responses from other users who were also surprised that some secret internal whitelist existed, were deleted, and immediately thereafter the topic got locked.

You don’t make fools of users. If the real deal here is that once someone asks a serious question, when you don’t have any serious answer, you’ll have to lock topics and start deleting posts, and people see for the *'nd time the real intensions and uhm “strengths” of this so called security software.

Over & out. Bye.

Nobody locked this topic, unless you did. Mind you, you didn’t seem to try & post when any topic was locked.

In addition nobody deleted any posts. However, the forums was down for several hours recently (for over 12 hours) and had to be eventually be restored from a back-up (dated on/around 4:55 UTC 25-May-2012). So, this could easily be the reason for any missing posts. But, as it is your known tendency to see (and paint) Comodo in bad light, your post does not surprise me at all.

That’s probably a good idea Kebab.

Berzerk, obviously from the other thread you’ve started, you misunderstand the function of Safe Mode.

Safe Mode is for users that don’t like all of the alerts that HIPS products are famous for. To reduce popups, features like the Sandbox, Trusted Vendor List, and the whitelist are incorporated.

If you prefer to make all of the decisions yourself, then run Defense+ in Paranoid Mode, and the firewall in Custom Policy mode. In these modes, the user will be alerted to any and all actions on their PC.