« previous next »
Pages: [1]   Go Down

Author Topic: QB64 code to prevent network activity with certain sites/apps  (Read 2699 times)

0 Members and 1 Guest are viewing this topic.

Offline Richard

  • Seasoned Forum Regular
  • Posts: 364
    • View Profile
QB64 code to prevent network activity with certain sites/apps
« on: April 17, 2021, 01:45:51 am »
Any suggestions on how to prevent or slow down internet activity involving certain sites or apps?

In the past 24 hours I have been affected by a certain program WERMGR.EXE (many say it is a genuine Windows app - others say that it is a virus pretending to be Windows) which is eating heavily into my very limited and expensive mobile cellular data internet bandwidth at roughly hourly intervals. This particular app was never a problem for me before and it is not telling me what the actual problem is - it is just sending to a certain IP address a lot of bytes.

So far, I have determined it is sending to
 
168.61.161.212
13.88.21.125
52.147.198.20
104.43.139.144
104.43.193.48
13.64.90.137


On googling someone else is reporting that address  65.55.252.63 is involved. Because I am not at my computer continuously, it is very hard to catch the problem in action - at this stage it is the high cost limited cellular data usage that concerns me.

What was suggested by Microsoft communities (and others) - does not work. The best I could do was to End Process via Resource Monitor>Processes with Network Activity (but this only works when I am at the keyboard and have appropriate windows (Network Monitor, and Task Manager, etc) - however it takes me about 10 seconds to achieve this.

I have spent hours determining File Manager history for anything new (within 24 hours) eg by way of exe etc files that may be like a virus (browser changers etc) and the only result was an exe that apparently was generated by a Windows KB update (deleting same does not fix the problem).

So in summary HOW TO:-

- stop an application (or at least slow it down greatly and give me loud audible warning) eg wermgr.exe
- and/or prevent internet communication with address 168.61.161.212 (and any others )

My current log file program under development only logs total internet bandwidth used - not yet by what etc

Any suggestions would be appreciated - in cases when I travel to get free wifi, I usually do not worry about data usage (but concern myself with security issues).


EDIT

Now trying

Control_Panel > System_and_Security > Windows_Defender_Firewall > Advanced_Settings > Outbound_Rules > New_Rule > Program (next) > The_program_path ...
« Last Edit: April 17, 2021, 03:56:22 am by Richard »
Logged

Offline RhoSigma

  • QB64 Developer
  • Forum Resident
  • Posts: 565
    • View Profile
Re: QB64 code to prevent network activity with certain sites/apps
« Reply #1 on: April 17, 2021, 06:31:57 am »
WER is the Windows error reporting and problem solving system (eg. WerMgr.exe, WerSvc.exe, WerCplSupport.exe), hence what you see in your network traffic is probably the transmission of error reports to Microsoft.

This should be configurable in the systems Update settings or Maintenance Settings, as final solution you could simply deactivate the service:

- Start Task Manager
- Goto Services Tab
- click Services button (or Open Services, not sure about the exact name)
- look for Windows Error Reporting service, right click it and choose properties
- set start mode/type to "deactivated"
- restart system

Logged
My Projects:   https://qb64forum.alephc.xyz/index.php?topic=809
GuiTools - A graphic UI framework (can do multiple UI forms/windows in one program)
Libraries - ImageProcess, StringBuffers (virt. files), MD5/SHA2-Hash, LZW etc.
Bonus - Blankers, QB64/Notepad++ setup pack
Pages: [1]   Go Up
« previous next »