Hello,
Sorry if I missed something on this one but i can’t find a solution.
I use comodo since I think win XP and mostly with win 10 for years without problems, always in custom ruleset.
But with my new Win 11 (22H2 now, but the problem seem to be from the beginning), lots of softwares that i used to block seems to nevertheless passthrough and connect. I don’t know what to do, all my softwares that I don’t want them to updates are proposing me the update, and they are blocked. Do you know if applications updates themselves by a different process that I have allowed in win 11?? I try to delete some windows process that I have allowed but with no succes…
Are you using a VPN connection using TUN adapter? The firewall does not filter TUN traffic.
Acrobat Reader has multiple tricks up its sleeves to update. Radaghast once hunted that down approx 10 years ago. If it cannot use the program updater it will try to use svchost and Background Intelligent Transfer Service. It’s is a real naughty.
Yes I have a VPN but I always created a global rule since years on all my win 10 pc’s to allow IN an OUT except in the range of IPv4 found on the vpn official forum (from 010.000.000.000 to 010.255.255.255).This Killswitch Always worked. But I will go to the VPN forum to see if the range has been updated, just in case, because it has been updated one time over the course of the years.
I also suspected something like svchost, but not Background Intelligent Transfer Service. It’s only on win 11 that I have those problems, with too much softwares and plugins that connects.
I have blocked Background ITS to see if that solves anything.
Can you check what protocol the VPN client is using? I use ProtonVPN and have it set to OpenVPN using the TAP protocol (not TUN protocol).
The route I described for Acrobat Reader is specific for that program. I would focus on the protocol of the VPN client you’re using.
I use my laptop on 2 different places, and on one place I must change the default VPN protocol to the second in the list they propose (OpenVPN TCP: if you have issue with UDP) because otherwise it keep disconnecting. And sometimes I forgot to re-change it to default. I’m not sure it is the problem, but it’s a good idea I have to check.
(I just tested launching a usual photo editing software (not photoshop) that is always asking me to update, and it is still asking. I don’t want re-install it just to verify if the default protocol is changing anything, I know it’s lazy, but i’m pretty sure it’s not because of that, but I will keep an eye on this for futur programs or plugins.
With win 11 i saw comodo asking me at the beginning of the last year to allow or block some new things i nevers saw in win 10, I always though it was something that I allowed, but not sure.