An questionable Task Manager

Always I have a feeling of safety when a computer program ask for my authorization to update itself and absolutely always I have a deception and I’m concerning when I log some  connections made by a program without my knowledge.

It does not matter the purposes of these “hidden” connections or of some supposed “hidden” processes, in my opinion, all of the actions invisible to the user performed by a program are a potential threat, a potentially violation of the user privacy and in any case an abuse against the user.

All of the people feel comfortable in their house when they know all what is happening there and in digital world is the same, I don’t meet yet the people that can write relaxed a private email knowing that somebody maybe is looking at his screen over the shoulder or that can repose in his house knowing that anybody, anytime, can walk into the house. It does not matter if it’s thief or not, it is in human nature to have a place for you and only for you.

This is the view I have about digital world and this is why I consider unethical and immoral the practice of some software authors to embed some auto-install toolbars in their software, to modify the browser home pages or to disturb the internet experience in any way. These days we assist to an exponential growth of scamming, spamming, phishing, browser hijacking, click hijacking in a more and more agressive market.

Because the Internet is not seen as a relaxing place, but as a market by some software authors, they make a habbit from collecting data about the history of Internet navigation and from collecting data about the user. Maybe does not exist yet an official CyberPolice but online marketers intensify their efforts to spy all the online computers to perform better in a growing online market and to have an advantage even small over their competitors.

It’s hard to find a freeware program without a nasty companion program embedded, a toolbar, some redirecting browser code or some reporting-about-user code. There is a trend nowdays, to modify the default search engine and to present to the user modified or customized search results. The advantages from their point of view are obvious, certain sites are favorized.

Now, you wil say that even Google are offering customized search results based on searching history, which can be helpfull, the problem is not that, the real problem is how these adware or spyware companions programs are installed in your computer, without the user consent, more like the trojans. In short, if the user has not full control over his running programs or connections made by the programs, this is bad and unethical from obvious reasons.

Searching today for an online Photo Editor, I saw on a site sidebar a section called “The best freeware programs” and AnVir Task Manager posted there and because I like security related Task Managers I said -let’s give it a shot to see what’s there.

The current version is 6.3 and the Pro version costs $49.95. They has the Softpedia badge–100% Clean, No Spyware, No Adware, No viruses and a full set of features for Windows enhancements and security and performance:

  • Full information about processes, services, Internet connections, drivers, DLLs
  • Descriptions for 70 000+ startup programs, Internet Explorer toolbars and services
  • Security analysis of programs behaviour detects Trojans and Spyware, alerts on new startups

and so on, I will not insist on those, you can read about them on AnVir Task Manager Home Page.

To make the long story short, I’ve downloaded the free version of the software about 4,38MB and begin the installation, the first I’ve agreed to the END-USER LICENSE AGREEMENT, unchecked “Open AnVir Web Site” and “Install Registry Cleaner Pro” check box and  the installation finish. As with every new and less-known program that I run for the first time, AnVir Task Manager was installed in a sandbox, using Sandboxie 3.46 with Buster Sandbox Analyzer.

anvir task manager

The first noticed thing, even if I unchecked the check box   “Open AnVir Web Site”, the browser still started up with http://www.anvir.com/install.htm?install=6.3&prod=tf in the adress bar, a “Thank you for installing our product!” page.

What is questionable is why the software connects during the installation to these IPs :

* Connects to “194.7.155.81” on port 80.
* Connects to “81.196.26.161” on port 80.
* Connects to “199.7.52.190” on port 80.
* Connects to “199.7.51.190” on port 80.

The official site of AnVir Task Manager has the IP : 188.40.3.43, so where this software is connecting without user consent? It’s a mistery, let’s say is a must for the software to connect to these IPs for a proper functioning, let’s say it connects to a database of files signatures but why the user is not warned, asked, how it is 4 connections without any explanation?

For me, this is enough to label this software as untrusty, though I don’t saw any other signs to perform a malicious action. Anyway, if you want take the risk, you can install AnVir Task Manager and it will replace with great success the default Windows Task Manager, beeing more detailed and more powerful. What I want to underline here is the software authors bad practice to let their software make connections and perform actions without an explicit user consent.

A more recommended alternative for Windows Task Manager in my opinion, there is  Security Task Manager, it has a more cleaner installation and operate manner.

Keep safe !

Posted in Thoughts.

Leave a Reply

Your email address will not be published. Required fields are marked *