Task manager tries to connect to the internet Options

[pandy]

Why?

I've used TinyWall for several years, but haven't really looked at all the features. I found it can show all connections it has blocked the last 5 minutes. Taskmgr.exe has been blocked more than a hundred times - in 5 minutes. Why does it try to get out at all? Obviously it doesn't hurt anything that it's blocked, not that I've noticed anyway.

Note, TinyWall isn't a firewall in the usual sense. It sits on top Windows firewall and works by simply blocking all connections except those you OK. So when you first install it there's some fiddling. I think it's great, even if you have to remember to OK all new programs, but that's quickly done. I suppose it can be used as the only FW, but I keep the Windows one running. If anyone wants to try it, please note it doesn't work together with other firewall software, just the Windows one.

This is only the top of the list. You can see it's just 2 or 3 seconds between tries.



I don't know what the System process is about either. I didn't have to OK any system processes when I installed TinyWall, so it must have a built in whitelist.

[Christian J]

Glasswire keeps longer logs.

[pandy]

OK. Can several firewalls run at the same time or do they fight?

Today a nasty app called bigo live opened on my phone. It's on Google Play, so assumedly a legit live streaming app. But all I saw on the splash screen were big boobs and tushies. That's the first time I have had an app install on my phone without my consent. How does that happen? I hardly ever use my phone for the web. I don't even read email on it. I use it for SMS and a hand-full of apps that I've used for ages.

WTF is going on? I'm beginning to feel stalked here.

[Christian J]

OK. Can several firewalls run at the same time or do they fight?

No idea, FWIW I've only used it to monitor traffic, not block.

Maybe Pi-hole could be used as well for monitoring? Since it runs on its own hardware it won't fight anything.

That's the first time I have had an app install on my phone without my consent. How does that happen? I hardly ever use my phone for the web. I don't even read email on it. I use it for SMS and a hand-full of apps that I've used for ages.

Could it be that one of your old apps has changed owner, and a recent update by the new owner has changed its functionality?

Nowadays I'm feeling very reluctant to update apps for this reason, and because even legit developers may suddenly start displaying ads, change functionality etc.

[pandy]

No idea, FWIW I've only used it to monitor traffic, not block.

So I can tun off some features? I'll try it tomorrow.

I had a connection monitoring program at some point. In those days I wouldn't even have ran Windows firewall or AV. Today I'm so tired of everything and just make do with what's there.

Could it be that one of your old apps has changed owner, and a recent update by the new owner has changed its functionality?

I don't think so. It was among "recently installed" or what it's called. But I found that later. It just splat open from nowhere. I thought it was FF with a porn site loaded and wondered how that happened. And I don't have any apps that are even remotely similar. I just have boring things like map apps, photography related apps, bird and flower recognition apps, apps that list historical places... Things like that. Please don't tell anyone.

This is crazy. I think it's 10 or 15 years ago I had a virus that actually did something (I don't count the odd attachment that can't do anything if you don't click it) and I've never had anything on my phone. Now it's something new each day.

BTW I got nothing in the systemprofile folder today. There is no system to this.

[Christian J]

No idea, FWIW I've only used it to monitor traffic, not block.

So I can tun off some features? I'll try it tomorrow.

Maybe blocking requires the paid version, can't remember.

Could it be that one of your old apps has changed owner, and a recent update by the new owner has changed its functionality?

I don't think so. It was among "recently installed" or what it's called.

No I meant that one of the old trusted apps may have changed owner, and the new owner sends an update that makes it install more apps. I recall some apps may have permission for that (outrageous as it sounds), not sure.

It just splat open from nowhere.

It wasn't some kind of overlay screen from another app?

[pandy]

No I meant that one of the old trusted apps may have changed owner, and the new owner sends an update that makes it install more apps. I recall some apps may have permission for that (outrageous as it sounds), not sure.

Didn't know that.

It wasn't some kind of overlay screen from another app?

No. It was among recently installed apps.

I haven't got a single file in systemprofile today either. I haven't done anything that can have put an end to it.

[Christian J]

No I meant that one of the old trusted apps may have changed owner, and the new owner sends an update that makes it install more apps. I recall some apps may have permission for that (outrageous as it sounds), not sure.

Didn't know that.

It's likely not permitted by Google Play generally, but maybe Google's control is inefficient (especially for updates).

Not sure if this is tells everything, but if you go to:

CODE

Settings > Apps & Notifications > Advanced > Special App Access > Install unknown apps

the listed apps should have their permissions shown (none allowed in my case).

[pandy]

None? Don't you use your phone for anything?

I never checked. Just uninstalled it. The permission choices are so limited they feel like bogus anyway.

[Christian J]

None? Don't you use your phone for anything?

It's (allegedly) a list of apps that are allowed to install other apps, of course I don't allow that. Or maybe "unknown" means apps outside the Play store?

I never checked. Just uninstalled it.

I meant maybe you can see which of your old apps that had permission to install Bigo Live. That old app should still be in the list.

The permission choices are so limited they feel like bogus anyway.

Yeah, under "Special app access" the summary on my phone says "1 app can use unrestricted data", but in the actual list no app like that is shown, not even when I enable "Show system". Seems reassuring.

[pandy]

Where do you find that list? I'm only aware of the ridiculously few and unspecific permissions for individual apps.

[pandy]

Today systemprofile filled up again.

I made a mistake about the time stamps. I orignally hade files from early 2023 until now. So I thought that was the dates the files were copied to that folder and showed how long this has been going on. Most of today's files have a time stamp from this morning, but a bunch of them are much older, the oldest from 2012! So in reality I have no idea when it started.

I have 8 copies of the one from 2012, all of them have the same time stamp, to the second. The file doesn't exist elsewhere on the computer. It's a freaking DHL logo.

Gaaah!

[Christian J]

It's a freaking DHL logo.

Maybe it comes from an email? Either an email that has later been deleted, or maybe the image was hosted remotely before being copied to Windows.

The attachment didn't work.

[pandy]

Maybe it comes from an email? Either an email that has later been deleted, or maybe the image was hosted remotely before being copied to Windows.

Yes, everything does. Attachments, embedded pictures, eml files...

The attachment didn't work.

I know. It was just the GIF. I uploaded it elsewhere but forgot to remove the attachment here.