
Windows 10 Hidden Unknown Background Process



Hello, I have what I believe to be a problem. On all my Windows 10 machines I have discovered a Hidden Unknown Background Process running at all times. This Unknown Process is not visible in the normal task manager; it's only visible in third-party tools like cports and other networking tools. Does anyone know what this is, or if it's a problem or not? Sometimes the Unknown Process will launch many other Unknown Processes, making Windows 10 slow to react. Below is a list of hosts the Unknown Process is sending requests back and forth to.


Not everything in the list below was coming from this Unknown Process, but a lot of it was. I just copied out my block list from my host file and posted it, so some of the list may have been coming from other processes, but most of them are from this Unknown Background application in Windows 10.


I would like to add that I can't find this application at this time on my machine. I also can't kill it, and when it's tampered with it seems to go into a protection mode and goes dormant for some time and then relaunches itself.

 


 

I'm not sure, and I could be wrong, but it seems to send information about the websites I'm looking at at the time.


  • 2 months later...
  • Root Admin

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now, but if you still actually need help please send a private message to one of the Moderators and we'll assist you. Thank you and sorry we missed your topic.

This topic is now closed to further replies.