two processes unknown for me, do I have to block them?


I´m not sure about allowing these two processes:

“firefox is trying to access the screen directly” - I have blocked this one, and apparently all is ok until now.

And this one “cidaemon.exe is about to modify the content of io.sys” cidaemon is xp indexing service, but is it ok this service try to modify io.sys? Just in case I´ve disabled index service in xp, but I´m curious,

what do these two process means, and is it safe to block them?

Thank you (:WAV)

Hi dolcepa, welcome to the forums.

Firstly, Firefox (and most applications that are visible on your desktop) will access the screen directly. So, you should allow these. Not really sure why Firefox worked after you blocked it. Did you block it remembered?

CIDaemon.exe is, as you said, MS’s Indexing service & IO.SYS is the Windows IO driver… it make sense that it would be used. But, modified? I’m not sure about that. Have you run CFPs Malware Scan (Defense+) recently? In any event, disabling the Indexing service is the way to go anyway… hardly anybody runs it, because it has a very annoying habit of hitting your disks at very inconvenient moments (usually when you’re using them yourself) & impacting performance.

You need to allow Firefox. Make Firefox a web browser under the firewall rules. No reason to block either item.

Actually, in testing, Firefox has worked fine with everything disallowed save network access and the main executable running. It doesn’t need to hook the keyboard or directly access the screen. Although it would be useful to know what Comodo means by directly access the screen here. I’m assuming it’s drawing directly to the graphics card rather than using a windows API, much like how Aero works in Vista, so likely forcing it to use the Windows API, while safer, will also be slower.

Thanks for the help

then I better have cidaemon denied so it´s safer that way, and allowing firefox to do this operation

Cheers (:WIN)