Scan for known applications problem? [Resolved]

For Comodo firewall i am using the latest version 2.4.18.184.

I did the scan for known applications and once i did it i finished and restarted Comodo.

A checked Application monitor and the only thing there is is MSN? wat about the other applications?

Hi there,
I think I can answer your question (sorry I haven’t done this before but I just found your post :slight_smile:

Check if you have ticked “do not show alerts for applications certified by comodo” in SECURITY / ADVANCED / MISCELLANEOUS.
If you have, then it’s quite normal that you do not find any rules in Application Monitor, as Application Control Rules are only displayed in the Application Monitor if you create them or tick “remember” when you allow / block a respective application.
Scanning for known apps is like allowing an application but not ticking “remember my decision” in the alert. The rule is applied but not shown in AM.

I hope I’m not mistaken but this is how I understood it.

I apologise once again for not answering sooner.

Cheers,
grampa.

Hi Chaos18,

The scan for known application only checks for basic windows applications, like MSN, Outlook Express and Internet Explorer. Any other files that are found on the safelist will be automatically allowed as you use the firewall rather than added at the time of that scan.

Also, it can take a number of restarts to see the full list of what CFP as added on the scan.

Mike

More specifically, a given program on the safelist bypasses Application Monitor (unless there’s AM rule that blocks it) and goes directly to Network Monitor. That’s how I’ve always pictured it.

thanks for the help :SMLR

Sure. One thing to keep in mind is that with latest versions of the known safelisted programs like IE7, etc., the cryptographic signature of the executables will change. I believe this means they aren’t in the safelist anymore. That is, until CFP releases the next Database, which is currently v3.0 in the About screen.

Is that right, Mike?

Yes, that is right. If the cryptographic signature is changed, then CFP know longer detects them as safe until they are added to the next released version of the safelist.

Mike

Thks.

Topic Resolved