I need help with these; you can just answer the ones you know about.
I use IVPN.
It has an option not to allow any traffic outside of VPN tunnel.
It's firewall starts very early when windows starts and doesn't allow other programs to connect to anything.
After using the web a little I check my 2 adapters in Network and Sharing Center.
(There is 1 normal and 1 TAP adapter for the VPN to use)
First (Normal adapter) shows higher Sent/Recieved Bytes than the Second (TAP) Adapter.
Does it mean that I leak some data with my real IP adress?
When I start Firefox, it makes hidden connection to some places (like checking for addon updates etc.)
I disabled all of FF's update checks, but one connection I can't stop.
Very strange thing is I blocked it's domain and IP in hosts file, but it still can connect.
How does it bypass even hosts?
I installed Ubuntu and Linux Mint before(Couldn't get used to them, rolled back). While I was using Linux I must have deleted something from my External Hard Drive. Now there is a ".Trash-100" folder that CAN'T be deleted. Removing "Read Only" option from properties does not help.
When I start my PC, I see an external connection made by broadcasthost and also 18.104.22.168 , and glasswire says they are external connections. I know broadcasthost makes connections for Windows services (which I'm also against).
After a little tampering I found broadcasthost (255.255.255.255) made by PID 984 which includes 4 services:
- Security center
- TCP/IP NetBIOS Helper
- Windows Event Log
- DHCP Client
I still don't know what connects to 22.214.171.124
I'd like to know what connections carry across and where are they going to.
Glasswire also shows "System" connection to many different countries, USA, China, Japan, Arab Emirates(When PC is idle too), always only sending data(exactly 150 Bytes). What do you think those connections are?