I realise that this is frustrating for you, and to an extent share your frustration that issues cannot be fxed more quickly.
However please remember that this is free software, and that the mods are volunteers giving their time freely to help you.
We may make some mistakes, for which we will apoligise, but we are quite knowledgable, and can help you if you work with the process.
Please also remember this is the bug forum not the help forum, so we are concerned to get to the bottom of issues, not just resolve symptoms.
To deal with your issues
Active process list. Only the CIS list has this name but I agree that we could prevent confusion by changing the text, so I will. My apologies for the inconvenience caused.
Format. Here I’m just aslking you to place any supplementary link in their proper place in the standard format ie in the requested position in your first post. You have kindly edited your first post to place it in the standard format, so it makes sense to record any additional information in it.
Installer/updater. If your copy of shell32.dll was a malware file you are probably now infected. Other mods (eg Languy99) may be able to help you resolve this.
Why you cannot tell CIS that shell32 was trusted. We were in the middle of resolving that - it’s either the bug referred to in the bug report, because its malware, or because CIS is confused regarding whether this file is signed.
Hi I’ve faced the same problem as well for the unrecognized file with “Comodo Firewall 5.0.163652.1142”. Not only system part, the usual game that I played also having this issue even I make the file “Always trust this file or package” when it pop-up. After that next time I play the same game again, it still pop up as “Unrecognized file” and asked me to do the same thing again. ???
I’ve also tried to manually add the file to the “Trusted File”, but it still pop-up as “Unrecognized file”. >:(
This is very annoying problem and never happen to any previous version of Comodo Firewall. I’m using “Windows 7 Ultimate (64bit edition)”.
I have another PC also using “Windows 7 Ultimate (64bit Edition)” with “Comodo Firewall version 4.1.150349.920” don’t have such problem happen at all. It’s the 64bit problem or a NEW bug ??
The main issue appears to me to be likely to be same or similar to one already on file. Accordingly, I will merge them, if that’s OK. You can locate the merged report by follwing the link in the email notification.
If you don’t agree please PM any active mod with your reasons and they will unmerge the issue.
Please do a file signature check using the utilty here.
If this is OK then it must mean that you have removed an MS authority from the trusted vendors list, or maybe the list is corrupt. Presuaing you have removed it and it is intentional, the only thing you can do is to make shell32.dll an installer/updater in D+ rules in the CSP. If the list is corrupt you need to do a clean install.
If the sig is not OK then report back before doing anything as your copy of shell32 could be malware.
What you did:[/b] Marked “Always trust this file or package” and then click in “Allow” 2. What actually happened or you actually saw: Same question for the same APP after windows restarts 3. What you expected to happen or see: No more questions about the APP 4. How you tried to fix it & what happened: Manually added as “Trusted”, and tried to add as “Windows System Application” as well 5. If its an application compatibility problem have you tried the application fixes?: Yes, tried to run it as admin and all windows compatibility options 6. Details (exact version) of any application involved with download link: AMD RAIDXpert 2.4.1540.26, http://sites.amd.com/us/game/downloads/Pages/integrated_win7-64.aspx#3 (Raid Driver for Windows 7) 7. Whether you can make the problem happen again, and if so exact steps to make it happen: Restart windows 8. Any other information (eg your guess regarding the cause, with reasons): AMD RAIDXpert runs as service, and services cannot show tray messages, so they use another app, called WinMsgBalloonClient. Defense+ alerts everytime for this app.
[b]Files appended. (Please zip unless screenshots).
Screenshots illustrating the bug:[/b] attachs 2. Screenshots of related CIS event logs and the Defense+ Active Processes List: attachs 3. A CIS config report or file: attachs 4. Crash or freeze dump file: not applicable
[b]Your set-up
CIS version, AV database version & configuration used:[/b] 5.0.162636.1135 / 6867 2. a) Have you updated (without uninstall) from CIS 3 or 4: no b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: 3. a) Have you imported a config from a previous version of CIS: no b) if so, have U tried a standard config (without losing settings - if not please do)?: 4. Other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here): none 5. Defense+, Sandbox, Firewall & AV security levels: D+= SafeMode , Sandbox= Enabled , Firewall = CustomPolicy , AV = OnAccess 6. OS version, service pack, no of bits, UAC setting, & account type: Windows 7 Ultimate x64, UAC Disabled 7. Other security and utility software installed: none 8. Virtual machine used (Please do NOT use Virtual box): no
This issue appears to me to be the same as one already on file. Accordingly, I will merge them, if that’s OK. You can locate the merged report by follwing the link in the email notification.
If you don’t agree please PM any active mod with your reasons and they will unmerge the issue.
OK, more info: I am running Windows 7 professional 64 bit, freshly installed and Comodo’s free firewall (5.3.something - the latest).
Comodo keeps popping up saying “unidentified publisher” “file is not digitally signed” and so on…
when I click on beepapp.exe or winmsgballoonclient.exe in comodo’s pop up window, it says windows can not find the file…
AMD raidXpert is using WinMsgBalloonClient.exe and BeepApp.exe
Files are located both in SysWOW64 folder and in System32 folder.
I added the BeepApp.exe file to trusted files by selecting Add and Browse Running Processes but it is adding only the syswow64 file.
If I try to add the system32 file it says that it’s already added!!! One more strange thing is that Comodo doesn’t list any of those files (and folder options is set to display system files and hidden files… I even checked owner and permissions…)
I managed to add all four files to Defense+Rules but still the pop up window appears…
How can I manually add C:\Windows\System32\BeepApp.exe and C:\Windows\SysWOW64\BeepApp.exe to trusted files?
OK. I solved the issue but I be ■■■■■■ if I understand why…
Here is what I did: rightclick on the BeepApp.exe file in the system32 folder; properties; the details tab; click on “remove properties and personal information”
Some warning messages will appear; ignore them; click cancel.
Do the same for WinMsgBalloonClient.exe (from the system32 folder)
Now windows explorer is seeing the files (even with do not show hidden and system files ON !!!)
Once that happens, the first time comodo is asking about that file (different message though) and you click remember the answer&allow, CIS never asks again…
Problem solved, annoying messages are gone.
So the whole issue was generated because CIS was not able to “see/list” the file on the disk… And that was generated by some crazy properties/personal_information of that file…
Crazy!
Perhaps add a special option for this situation Comodo?
I always get this message every time i launch it, even if i tick “always trust…” or if I manually define it as “trusted file”… I still have to define its as “installer/updater” :-TD
