|
Thanks for that - yesterday I upgraded ExpressVPN, and then used it for a couple of hours. I did not install the browser extensions, so I am now going to rip it out, and see what happens.
|
|
|
|
|
Yup - all gone!  Thanks! 
The reason I leapt at your conclusion that it was ExpressVPN is that I when went through all the s/w listed in ESET, ExpressVPN was the only one with an orange "May be dodgy' mark against it, instead of a green tick.
Annoyingly I still have four months yet to run on my subscription. 
… but the 64K$ question is - why amazonaws.com? 
|
|
|
|
|
Chris C-B wrote: … but the 64K$ question is - why amazonaws.com?
An easy way of getting IP-numbers in the right countries? And since Netflix et.al. also use Amazon themselves they could shoot themselves in the foot if they blocked IP-numbers indiscriminately.
|
|
|
|
|
amazonaws is a playground for hackers & phishers.
First thing to do would be to identify the process from which is originating the request to the external IP. Did you have any browser process opened while checking your task manager? Because a simple periodic refresh on a web page would cause this kind of symptoms.
"Five fruits and vegetables a day? What a joke!
Personally, after the third watermelon, I'm full."
|
|
|
|
|
I did a clean reboot, and touched nothing - just left it sitting there for ten minutes, and then - boom! That's how I knew it wasn't Outlook.
Anyway, all fixed now courtesy of Member 10451815.
|
|
|
|
|
Chris C-B wrote: At first I thought it might be related to MS Outlook, as that downloads every ten minutes
depends, messages trying to access remote content?
ms outlook borrows and directly executes a lot of code/libs from ie
- back in the older days made outlook it an even bigger liability than ie itself (people were careful about visiting sites but not so much opening email which outlook used ie to open remote content)
perhaps someone found something in that old pattern ms hasn't properly closed off yet?
for that reason I don't use outlook as my mail client on my personal machines.
Yeah I know it's quite nice, (use it on client machines where they've given me email),
in fact I reckon outlook is a better client then thunderbird which I use,
but regardless, because of it's poor security won't let it near my own equipment.
Message Signature
(Click to edit ->)
|
|
|
|
|
As I mentioned above, I did a clean reboot, and just watched the screen for ten minutes, without opening anything. It still happened.
Now I have ripped out ExpressVPN with malice aforethought, all is well!
|
|
|
|
|
Sounds like a beacon.
There's a few ways to check this. Modern beacons shouldn't open a port unless it gets a response to that beacon, so the old netstat check doesn't mean as much as it used to.
Some suggestions:
- Check services and make sure that you don't have anything running that shouldn't be. This is MUCH harder on W10 than previous versions, since a lot of valid services have really sketchy names.
- Check the system Task Scheduler and see if any odd executables are set on, say, a 10 min repeating schedule.
- If your AV isn't picking anything up, you might want to run a rootkit scan against the system.
- You can also crack open MS SysInternals Process Explorer and start looking for signs of code injection in a privileged process. lsass has historically been a very common target for hackers.
"Never attribute to malice that which can be explained by stupidity."
- Hanlon's Razor
|
|
|
|
|
I did all that before I posted. Anything I didn't know about, I did a web search for, and everything got a clean bill of health - and it only took just over two hours.
Anyway, Member 10451815 pointed me in the right direction, but many thanks for your contribution.
|
|
|
|
|
Got some web apps in Azure, everything, including key and access management, is fully automated.
I could delete an entire environment and automatically deploy it again and everything would work.
Except...
Custom domain names 
I need to request two DNS records (A and TXT) so Azure can verify I'm the owner of the domain.
No way to automate that process and you can't have customers browse to company-myapp-prod.azurewebsites.net.
There's always something.
At my last job everything was fully automated, except some IP white listing to gain access to a third party application.
Well, if you've done the manual steps once it'll continue to work.
Just don't delete the environment.
It's almost really very good I guess 
|
|
|
|
|
Once you put those records in your DNS server, they are there until deleted.. unless you are doing new domain names...
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
|
|
|
|
|
Yeah, but if I delete a service and redeploy it I get a new IP address, so the DNS record needs to be updated 
So as long as I don't delete it everything is fine, except for that manual step I have to do at a first time deployment.
|
|
|
|
|
The diagnosis came completely out of the purple.
|
|
|
|
|
I've red about that - it made me feel blue.
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Cheer up. Every cloud has a turquoise lining.
|
|
|
|
|
others see green....
"Rock journalism is people who can't write interviewing people who can't talk for people who can't read." Frank Zappa 1980
|
|
|
|
|
Just as long as it's Pure Green[^]
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
No that is just a splat.
Ever played billiards when the opponent asks you if the ball is green or red?
Like you can't lie to them.
Well you could but that would just be cheating.
My eldest has this affliction. I find it hard to comprehend.
A college once designed a GUI Map where the green lawn was bright pink.
He got really angry when the colour was changed, but at the same time he could not perceive the difference.
Colour can't be explained. It is just perceived.
R U Happy about the Welsh defeat of Australia?
You should be. It was fantastic.
"Rock journalism is people who can't write interviewing people who can't talk for people who can't read." Frank Zappa 1980
|
|
|
|
|
My father was monochrome - he had no colour receptors. It made traffic lights at night rather ... um ... interesting
It was a good game - both sides played damn well! Bodes well for the rest of the tournament.
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
|
You are not alone.
From Wikipedia: "Individuals with Northern European ancestry, as many as 8 percent of men and 0.4 percent of women experience congenital color deficiency"
I have read there is a survival of the fittest factor to it. In Northern European forests seeing all colors can be an overload that animals like deer take advantage of with there camouflage. When you get rid of some colors the deer stands out more and you are more successful. When other families go hungry your family is feed.
So many years of programming I have forgotten more languages than I know.
|
|
|
|
|
I'm not really colorblind, it was a pun... 
|
|
|
|
|
|
That's about one and a half year ago. Maybe some people who missed the joke on that particular day want in on in too 
|
|
|
|
|
And, as such, they should see the responses from then as well.
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
