Hello, I have what I believe to be a problem. On all my Windows 10 machines I have discovered a Hidden Unknown Background Process running at all times. This Unknown Process is not visible in the normal Task Manager; it's only visible in third-party tools like cports and other networking tools. Does anyone know what this is, or if it's a problem or not? Sometimes the Unknown Process will launch many other Unknown Processes, making Windows 10 slow to react. Below is a list of hosts the Unknown Process is sending requests back and forth to.
Not everything in the list below was coming from this Unknown Process, but a lot of it was. I just copied out my block list from my hosts file and posted it, so some of the list may have been coming from other processes, but most of them are from this Unknown Background application in Windows 10.
I would like to add that I can't find this application at this time on my machine. I also can't kill it, and when it's tampered with it seems to go into a protection mode and goes dormant for some time and then relaunches itself.