Block An Application From Launching Another Application Etc.

Hi,

How can I block a browser launch triggered by an application?

There are certain applications nowadays that are nasty enough to have a trigger to launch the default browser (or IE for that matter). KMPlayer does that and up to this moment I can block such browser launch via Comodo D+ and Emsisoft OA Advanced setting. This game and all the other games there has a trigger to launch the default browser and go to it's website when you exit the game.

Allow me to share with you how I block it with the firewalls I have used(still using at this moment). It has a "game.exe" which I block via,

Emsisoft Online Armor Premium

Programs>Advanced Options>Permissions>Start Applications>

Allow Except>C:\Program Files\Internet Explorer\iexplore.exe

Allow Except>C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Use DNS API = Block

set global hooks = Block

remote code = Block

remote code modification = Block

Comodo Firewall with D+

HIPS Rules>

Custom Ruleset> Access Rights>

Blocked COM Interfaces = InternetExplorer.Application1

HIPS Rules>

Custom Ruleset> Access Rights>Run as executable

Exclusions>Modify>Blocked File/Folders> File Group>Browsers

In Outpost Firewall Pro,

Application rules>Antileak settings>

DDE Communication = Block

Network Enabled Application launch = Block

DNS API request = Block

Low-level network access = Block

OLE automation control = Block

Does BD IS have hips? Or is it a Behavioral Blocker? I cant seem to see how this behavior can be blocked with your firewall...Your firewall reminds me of Avast's...which too cannot block such behavior.

How can I set a block rule for that behavior? A rule to block an application triggering another application to launch...

Can't seem to block that specific site also in BD firewall....or for that matter the IP address/range.....? How can I do that in BD firewall?

Please help me out on this. There are other issues that I have especially the slow boot time I have experienced when I installed BD IS 2014 but I will post it in the"General subforum".

Thanks

Find more posts tagged with

Comments

Nesivos

I don't think this is possible. This is a custom feature from what I understand.

There could be an app or dll file in the program folder that launches the browser when you exit the program. You would need to contact the app's developer to find out.

Therefore if you can identity the app or dll file you can use the BD Firewall to block that app or dll file from accessing the Internet.

Obviously this solution depends on there being a unique app or dill file within the program folder that launches the browser when you exit the program in question. This method also should work with blocking a program's uninstaller app from opening the browser as part of the program uninstall.

Nesivos

There could be an app or dll file in the program folder that launches the browser when you exit the program. You would need to contact the app's developer to find out.

Therefore if you can identity the app or dll file you can use the BD Firewall to block that app or dll file from accessing the Internet.

Obviously this solution depends on there being a unique app or dill file within the program folder that launches the browser when you exit the program in question. This method also should work with blocking a program's uninstaller app from opening the browser as part of the program uninstall.

There is also another solution. You can use CurrPorts (free) by Nirsoft to identity all open ports on your computer. If you have it open before you close KMPlayer you will see a new port open when KMPlayer closes and takes you to their website. You can then block that port or range of ports if applicable. That will only work if the KMPlayer or another app does not otherwise use the port for updates etc.

Raul90

There is also another solution. You can use CurrPorts (free) by Nirsoft to identity all open ports on your computer. If you have it open before you close KMPlayer you will see a new port open when KMPlayer closes and takes you to their website. You can then block that port or range of ports if applicable. That will only work if the KMPlayer or another app does not otherwise use the port for updates etc.

@rourkem,

Thanks for the reply. I really was looking into possibilities but there was none that I could find.

@Nesivos,

I think that blocking those ports used by the application (KMPlayer) isn't a viable solution as as you said that it may also be using those ports for updates or the application may just use another port or range of ports to call home. Identifying the "app" or "dll" which is the trigger is I think the best.

May I ask if you were to create that rule, say, let's name it trigger.dll, how will you create that rule in BD firewall?

If I may add, I posted also here, http://forum.bitdefender.com/index.php?sho...mp;#entry214776 Question About Bd Firewall Etc.., there is a pop-up (nag pop-up to upgrade to professional version )there from Glary Utilities that I would like to block.

How can I block that in BD firewall?

Raul90

To follow,

Obviously this solution depends on there being a unique app or dill file within the program folder that launches the browser when you exit the program in question. This method also should work with blocking a program's uninstaller app from opening the browser as part of the program uninstall.

I was checking out old notes about MyPlaycity.com games and there was an image prompt I saw about bass.dll being blocked by Outpost Firewall. Checking out,

C:\Program Files (x86)\MyPlayCity.com\Around The World in 80 Days

I saw that there is a "bass.dll". Now I was to try to block it but it would not show. Please see image below.

Any ideas?

Raul90

I was fiddling with the game and was trying out how can I block bass.dll but could not find a way to do it

So I tried to block the IP range of the host site which is myplaycity.com. Using the myplaycity.com CIDR and made a rule to DENY connections to the it. It still connected. When I exit the game it launched Firefox. Connection to the site was established. Now I just set this rule earlier prior booting to the BD AV 2014 Plus with CIS7 partition so a restart/reboot was done. Now I rebooted again and checked the behavior. It was the same.

myplaycity_IP CIDR details

Adapter rule

Browser launch with game exit

Browser launch connected

I tried if the behavior will be the same for another game from myplaycity.com, Star Defender 3. It was the same. The IP range is not blocked and gets connected. Browser launch still cannot be blocked because there seems to be no way of doing it in BD firewall.

Star Defender game