Scan For Known Applications

I’ve noticed a common problem that many former users have mentioned before uninstalling our Comodo Firewall. They say after the initial run, that their applications can’t connect to the internet. They say if the firewall is supposed to run on default settings right out of the box, why this problem? Even after scanning for known applications, the problem still remains, and they uninstall. Can anyone list the steps to take, one by one, to make sure Comodo runs smoothly after install? :THNK

hi! (:WAV)

I’ve installed and uninstalled multiple versions of this firewall and I never had the problem of an application that refused to start because of it. Default rules are really ok. The only thing that I’ve had to do so far, after a new install, is reboot 2 or 3 times to make sure that all startup applications (the ones that need to connect to local as well as to the internet, system executables and any other app,) get their respective permissions from the firewall. Because there seem to be a timing problem between
the start up of comodo firewall, and the startup of other apps. after a reboot. But once again, after 2 or three reboots, everything goes back to normal. Just don’t forget to scan for known applications from Comodo once in a while, and at least once just after install.Hope it helps.

                           apache

Thank you, Apache. I hope our prospective users will not be so quick to uninstall, but will come here to this great forum, and get just the answers they need, so as to stay with the best firewall protection on the planet.

Would you, or anyone else, know where a link to previous versions might be? Thanks, friends. (:NRD)

here are the links for beta versions of 2.4:

https://forums.comodo.com/index.php/topic,3934.0.html

https://forums.comodo.com/index.php/topic,4068.0.html

https://forums.comodo.com/index.php/topic,4206.0.html

https://forums.comodo.com/index.php/topic,4304.0.html

https://forums.comodo.com/index.php/topic,4351.0.html

https://forums.comodo.com/index.php/topic,4489.0.html

https://forums.comodo.com/index.php/topic,4549.0.html

and that’s the link for the final version of 2.3:

                        good luck
                        apache

I forgot to mention, for each link that I gave you concerning the betas, you’ll find several links
for the different language versions. The english one is usualy at the botom of each topic. The final version of 2.4 will be released on the 26 of december, with several languages included.

Surfer,

To answer your question, here are the steps to take to make sure that CPF runs smoothly:

  1. Uninstall any previous third-party (non-OEM) firewall; if you have WinXP, turn OFF Windows Firewall. Reboot.

1a. If you have a dedicated HIPS program running, I recommend turning it off temporarily while you install and set up CPF. It may block some components and not warn you, thus causing conflicts and improper installation. You can reactivate it once you have CPF up and running.

  1. Install CPF. Use Automatic - do not choose Manual/Advanced install. Follow the prompts. Reboot.

2a. When you open CPF after reboot, you are prompted to Activate. If you are on a LAN or behind a Router, you may have some difficulties connecting to Activate CPF. You can skip it until later, if you want; it will not impact functionality of CPF.

  1. If you are on a LAN, are using one computer to share internet connection, or are behind a router, run the Network Wizard (if these do not apply, you can skip this step). Go to Security/Tasks/Define a New Trusted Network (lower left). Follow the prompts. Reboot when finished.

  2. Run the Applications Wizard. Go to Security/Tasks/Scan for Known Applications. Follow the prompts. Reboot when finished.

CPF is now fully functional for the majority of users, and is fully secure.

I realize a lot of people want to create their own rules, and “tighten” things up. :wink: In order to do so effectively, you need to understand CPF, and how it works. At the base of CPF is the Network Monitor - it controls how all applications are allowed to connect to the internet; everything occurs within the context of these rules. Next in line is the Application Monitor - this defines what applications are allowed to connect (or not connect; you can block applications here as well), in the context of the Network Rules. Finally comes the Component Monitor - this loads & approves all components within each application; it’s CPF’s way of saying, when you start application “A”, “Okay, all these pieces of the application check out; they’re good to go.” The Component Monitor will be a huge list; the more Apps you have, the larger it will be; you can block components here if you want, or remove components altogether - just be sure to click “OK” after making your changes (by default, Comp Monitor is set to “Learn”; do not change it to “On” until you’ve run the majority of your applications, or you will get a lot of popups).

That said, read m0ng0d’s post on Network Control Rules, Here. This will help you understand how to work with these rules better, when you do your tweaking. :wink:

If you use any P2P applications, or do online gaming, you will need to create special rules to allow the necessary ports, etc.

Here are a list of links to FAQs; read through these as well, for specific issues like the P2P stuff, etc.

LM

hey littlemac,

I just wanted to mention again, but noone seems to believe it in this forum, that when cpf component monitor is switched from learn mode to “on”, then you get the following problems, even after all of your apps have run for a while: on “on” mode, cpf will ask you again and again if you allow “unknown components” to load with an app.Although you checked the box “remember”, and the unknown dll
appear in the cpf list, you’ll be prompted again. These dll actually keep appearing in the list with the mention unknown. This is for instance the case of googletoolbar.dll when I start firefox.

For that reason I’ve never been able to switch from “learn mode” to “on” in compoment minitor since I use cpf. Hope this bug will be fixed one day. But I’ve already been told that I was the only one to report it. So I don’t have much hope. It’s can’t be related to a bug in my system, cause I have recently reinstalled my OS (not because of this of course).

Once again, these unkonown components get listed in the component monitor list of comodo firewall, after the first alert, but new alerts will come again, about the same stuff.

                                             regards
                                             apache

Apache,

I’ve had Component Monitor set to “On” for quite some time, and I don’t experience this to the degree it would seem that you are. That’s not saying the problem doesn’t exist ~ only that I don’t experience it. CPF does notify on “unknown” components, but only if something changes, and it provides some more information if you look at the “Libraries.”

Here are some ways that these things change:

The application is updated and thus, the components do not have the same signature that they previously had (if apps update silently, you may not be aware of the change, so it will look like CPF just isn’t remembering).

A different application is installed that uses the same component; thus, the Library will change. The most recent Windows update last week caused this to occur for many applications. If you have a dedicated HIPS program, it may inject itself into various components to monitor your system (I run CyberHawk; it does this) and cause an alert on different applications.

I don’t know if you’re seeing these alerts coming from these sorts of “normal” items, of if you have something completely different going on. I do not disbelieve you, at any rate. Have you filed a ticket with Support?

LM

thanks for your reply,

in my case it cannot be a matter of file signature that changes, cause the alerts I’m talking about happen if I stop and just restart the same application a few seconds later, so they concern the same components, exactly the same components. Anyway now I’d be alerted if an md5 signature had changed cause I use, not in a permanent way, “System Safety Monitor” that records that kind of stuff, and give you an alert when it happens, at application start. Anyway as you said it’d be good to submit a ticket to the support team. I think I’m gonna do it. Thanks again.

oh yes, the issue I’m talking about in cpf occured long before I installed any HIPS on my pc, so without any dll injection of this kind.

I just submited the issue to the support team. Let’s wait and see… :THNK