Windows 10: Many Microsoft / Odd Utilities try to randomly access remote IPs

I have recently been instructed to activate custom rule set of Comodo firewall to be able to monitor what apps are trying to access the internet .

To the irony I realized a huge number of connections are being done via programs that aren't really known to be any related to the internet either try to randomly access the internet or on triggering .

For instance on bringing up the Windows Settings App (SystemSettings.exe) , it instantly attempts to connect to a remote ip , followed by Runtime Broker (RuntimeBroker.exe) that attempts to access a different remote ip .

Then TaskHostW.exe does it in accelerated intervals , BackgroundTaskHost does it pretty often , SpeechModelDownload.exe does it pretty often too despite I don't even have Cortana enabled .

And now for the cuteness of all seems WerMgr.exe and WerFault.exe does it like every 2 minutes that seems like a nag , on revising MS Event viewer I realize this is because of a COM 10016 error Microsoft itself instruct to neglect .

Apart from Microsoft , despite that I made sure I stripped all bloatware of the NVidia driver , the lovely control panel app enjoys connecting to nvidia every hour for no particular reason . Google Chrome Update task does that too hourly .

Now while we can relate the non Microsoft apps to be obsessive about making sure you are up to date even though in a too spooky rate now what about Microsoft ? This crazy rate of traffic multiplied by the amount of users are petabytes of useless blahs jamming the internet daily .

But then apart , why would Microsoft wanna know live data about Windows Settings ? Is personal settings damn it ! You don't even sync it elsewhere !

P.S Comodo does check if those were signed and official apps so no this isn't spoofy trojans case , or is it *Tongue

Cheers
*Cool

:)

 

Many Microsoft / Odd Utilities try to randomly access remote IPs

It's really complicated and depends upon your machine setup. It's best to allow Microsoft entries then research them if you want to. Blocking some may have consequences.

You can review logs:
















I suggested custom ruleset because it will show an alert for all new connections where you did not opt to block/ allow with the choice remembered for safe applications.

 

Many Microsoft / Odd Utilities try to randomly access remote IPs

FYI: If you have concerns I'd suggest running the portable utility linked in this post:

Foreign address after running netstat -f

Enable the items highlighted in the red box:



Anything where there is a red circle shown as an entry needs checking.

 

Many Microsoft / Odd Utilities try to randomly access remote IPs

I have recently been instructed to activate custom rule set of Comodo firewall to be able to monitor what apps are trying to access the internet .

To the irony I realized a huge number of connections are being done via programs that aren't really known to be any related to the internet either try to randomly access the internet or on triggering .

For instance on bringing up the Windows Settings App (SystemSettings.exe) , it instantly attempts to connect to a remote ip , followed by Runtime Broker (RuntimeBroker.exe) that attempts to access a different remote ip .

Then TaskHostW.exe does it in accelerated intervals , BackgroundTaskHost does it pretty often , SpeechModelDownload.exe does it pretty often too despite I don't even have Cortana enabled .

And now for the cuteness of all seems WerMgr.exe and WerFault.exe does it like every 2 minutes that seems like a nag , on revising MS Event viewer I realize this is because of a COM 10016 error Microsoft itself instruct to neglect .

Apart from Microsoft , despite that I made sure I stripped all bloatware of the NVidia driver , the lovely control panel app enjoys connecting to nvidia every hour for no particular reason . Google Chrome Update task does that too hourly .

Now while we can relate the non Microsoft apps to be obsessive about making sure you are up to date even though in a too spooky rate now what about Microsoft ? This crazy rate of traffic multiplied by the amount of users are petabytes of useless blahs jamming the internet daily .

But then apart , why would Microsoft wanna know live data about Windows Settings ? Is personal settings damn it ! You don't even sync it elsewhere !

P.S Comodo does check if those were signed and official apps so no this isn't spoofy trojans case , or is it *Tongue

Cheers
*Cool