unchecked 'create rules for safe applications' and safe mode


Why Comodo Firewall automatically create rules for safe applications (for example: msfeedsync.exe, iexplorer.exe, wmplayer.exe) when I have disabled(unchecked) feature “create rules for safe applications” ?

Firewall behavior: safe mode
Defence+ behavior: disabled

Is this feature useless/ommited if “safe mode” is choosen for firewall behavior ?

(newest version of CIS)


Welcome to the forum elsas :slight_smile:

If you choose Safe mode in the Firewall and do not tick “create rules for safe applications” all your applications which are consider safe by Comodo should connect without making rules.

If you do not wish this to happen you have to choose Custom Policy Mode.


but I have set “safe mode” and have auto rules creation disabled (unticked) and comodo STILL create rules for me… ??? is this a bug then :-\

CIS will create some rules as required.
Previous versions which required a rule for everything meant I had a fairly large list of rules to manage.
Now, my list of rules is so much shorter and easier to manage.
This is not a bug.

sorry but ‘some as required’ is very misleading for me…

Option states clearly “create rules for safe applications” I have it UNCKECKED (and firewall behavior is not in training mode) so why when I test exe from auto generated rule by manual adding it in defence+ “my own safe files” I can’t add it and see message “comodo already has it on safe list” or something similar ?

situation for me is simple something is wrong…

“create auto for safe[…]” disabled + “safe mode” = no/null/zero/nada/zip auto generated rules for safe aplications and popups for “nonsafe/non listed on comodo online safe list or on my own safe list” applications


Comodo did not mention in manual shipped with software that “create rules for safe applications” disabled still will create “some” rules…

With what application is this happening? Without that information we cannot test and try in on our systems to see if the same thing happens with us.

I wrote it in the first post ;D

as yet:

msfeedsync.exe, iexplorer.exe, wmplayer.exe

There are no rules crested in D+ for those applications. There are custom rules created in Firewall, however, on my system.

As I see it (just my opinion here), anything that connects to th web should not be trusted by software until the user allows it.

Mr John Buchanan I did not understand Your post… You are not helping, sorry :wink:

Why You mention Defence+ ? for Defence+ there is another child forum… I wrote I have it disabled (way too much annoying for me ;D → more annoying than gaining security from it in my case :D)

As I see it (IMHO) comodo online trusted software list is very handy (BTW what technology comodo uses to verify files? MD5 ? SHA-1 ? or both ?)

Still my problem is not solved… for me it looks like a bug… NO AUTO CREATION means NO AUTO CREATION >:(

Sorry I missed you had Defense+ disable this may be the reason why.

When I tested CIS Firewall Safe Mode Defense+ Safe Mode Sandbox and AV both on.

Removed all rules as a test connected to the internet used browser etc. (Safe files only) no rules were made it stayed empty, even though I connected to the internet without problems.

It is possible disabling Defense+ makes this invalid.


Thanks for fast reply

I do not want to enable back Defence+ and Sandox also have disabled (I used Defence+ for over a year and I am tired to fine tune its settings…)

I think this problem should not be linked with Defence+ configuration… if it really does it looks like a bug to me very sorry for repeatitions but I must write it again NO AUTO CREATION means NO AUTO CREATION for me :slight_smile:



Could You perform another test for me? with D+ and Sandbox disabled ? I am in work now and going home after couple of hours but I can’t wait to see results from test with D+ and Sanbox disabled 8)

Anybody has the same problem ?

another thing that I have changed is alert setting to lowest

few days ago I started to use Windows 7 HomeGroup feature and besides that I have disabled media streaming feature “svchost.exe” listens very often on 1900 port (uPnP) maybe it is essential for HomeGroup working at all but:

COMODO FIREWALL AUTOMATICALLY CREATES for me MULTIPLE RULES for “svchost.exe” for outgoing port 1900 and few more other… WHY ???

before using Homegroup comodo created one rule for outgoing any port for svchost.exe and few other apps