Application able to call home - Even though adedd as blocked in CFP

I am using CFP 3 with the latest update. I have an application that I have added as blocked application under FW rules, yet it is able to call home without triggering any pop up of any kind, my FW is set to Custom Policy and D+ is set to Clean PC mode.

It appears the application’s calling home is related to my use of FireFox.

How can I block this application or at least force it to generate a pop up of some kind from CFP ?

Please advise.

Thanks

Matt

When I absolutely, positively, do not want something talking to home base, I make sure when Defining a New Blocked Application I browse the Program Files for the app. Then I also add any sub folders or hidden exe’s that may operate independently, such as Update.exe and the like.

Not sure about yours (don’t know what prog you’re trying to hush) but this works for me.

Good luck :■■■■

What application is it and what component is calling home?

Hi Panic,

I tried all you suggested, even uninstalled the application completely, removed all references in CFP and ran the application as portable (without install) and allowed only the execution of executable by the Explorer.exe and access to screen in D+, blocked the executable and the lone dll in the FW, still the application was able to call home and delete the settings that I had chosen.

Any more ideas ?

Matt

Sounds like your program is using a browser as a proxy instead of connecting to the internet directly. Go to the D+ Computer Security Policy and find the application. Under access rights, block the ability to do loopback networking. A little hard to tell what else without knowing the application. :slight_smile:

Yeah.
Tell him the name of the application.

That’s be a start. :slight_smile:

Perfect Clock v3

One thing to try is to erase all the rules for the application in Network Security Policy and Computer Security Policy, and put the firewall in custom policy mode and d+ in paranoid mode to try to see what it is doing. If you have blocked it in the firewall and also blocked it from using a proxy, and it still gets out, ???

Thanks Sded,

Will give it a go and report back for what comes out.

Matt

I’ve emailed the authors asking for the ports/protocols used for outbound access. Will let you know what I get back from them.

Ewen :slight_smile:

A quick google on “Perfect Clock v3” turns up an application that displays world time zone information on the desktop, which may or not be referencing offsite clocks to synchronize against. Network time is port 123/UDP, and is typically handled by Windows itself (the command line tool is w32tm.exe, or click Control Panel → Date & Time).

If all the application does is redisplay Windows time but in different formats, there really is no need for it to call home, or anywhere else. In which case, you’re seeing traffic from Windows itself. If it is the application, and not Windows, then my question would be, whats in the CFP logs?