Can anyone tell me why the hell does Windows 8.1 upload shit to China?

Does Microsoft have servers there?

nice malware you have

But all system processes and files show as legit using md5 checksum

Just because a server is in China doesn't automatically mean it's malware. Any of the IPs in your list could be malware. Check the content of the requests with Wireshark.

>Does Microsoft have servers there?

do you really think international technology conglomerate Microsoft doesn't have a single server in the world's most populous country?

Nope, try again.

Is there a freeware or open source alternative to Glassfire?

>using common sense
where do you think you are

just block the microsoft IPs

ok i checked again using md5 and everything turns ok but for some reason one of the svchosts.exe shows in red

how do i target that one without killing the bunch of them?

pirate it

a Microsoft thread

It's a common practice for viruses to embed themselves as svchost, looks like you've got one. Backup your important shit and nuke the system drive, then do a fresh install. Nothing else to do with regards to Windows infections.

what program is this?

that's a malware
you installed it when installing glasswire

System Explorer. It checks everything using md5.

Actually it looks like he installed it 11/8/2015

svchost is just a container that runs services (aka "background programs"), go to your task manager, find that process, then right click and do this. It should highlight it in the list of services on the next tab, you can track down the actual executable from there.

This is really really fucking basic shit.

date is probably spoofed

Or, if you don't see that option, it could literally be just a program named "svchost.exe", pick 'open file location' and handle things from there, assuming it's malware pretending to be a legitimate system component.
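One way to do the lookup described in the posts above from PowerShell instead of Task Manager, as an added example that is not part of any post in the thread: it maps connections to the address quoted in the thread to the owning PID, the services hosted in that PID, and the image path. It assumes an elevated prompt and the built-in `Get-NetTCPConnection` and `Get-CimInstance` cmdlets.

```powershell
# Added example, not from the thread. Run from an elevated PowerShell prompt.
$RemoteIp = '113.107.166.147'   # address quoted in the thread; substitute your own

# Legitimate svchost.exe images live only here (SysWOW64 holds the 32-bit copy).
$expected = @(
    (Join-Path $env:SystemRoot 'System32\svchost.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\svchost.exe')
)

# 1. Connections to the remote address, with the PID that owns each socket.
$conns = @(Get-NetTCPConnection -RemoteAddress $RemoteIp -ErrorAction SilentlyContinue)

if ($conns.Count -eq 0) {
    Write-Warning "No TCP connection to $RemoteIp right now."
}
else {
    $report = foreach ($procId in ($conns.OwningProcess | Sort-Object -Unique)) {
        $proc = Get-CimInstance Win32_Process -Filter "ProcessId = $procId"
        if (-not $proc) { continue }    # process exited between the two queries

        # 2. svchost is only a container: list the services hosted in this PID.
        $services = @(Get-CimInstance Win32_Service -Filter "ProcessId = $procId")

        # 3. A process merely named svchost.exe but running from elsewhere is suspect.
        $isSvchost = $proc.Name -ieq 'svchost.exe'
        $pathOk    = (-not $isSvchost) -or ($expected -contains $proc.ExecutablePath)

        [pscustomobject]@{
            PID         = $procId
            Name        = $proc.Name
            Path        = $proc.ExecutablePath
            CommandLine = $proc.CommandLine      # a real svchost shows "-k <group>"
            Services    = ($services.Name -join ', ')
            RemotePorts = (($conns | Where-Object OwningProcess -eq $procId).RemotePort |
                            Sort-Object -Unique) -join ', '
            PathLooksOk = $pathOk
        }
    }
    $report | Format-List
}
```

Everything here is what the running OS reports about itself, which is the limitation later posts in the thread raise: if the result matters, confirm it from a packet capture or from a different booted OS.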

i see nothing unusual there

system files are actually checked using md5 here. should i just add that Chinese IP to the hosts file?

Which Windows 7 skin is that?

113.107.166.147 doesn't point to any website or known service, looks pretty shady in my opinion. If it's legit malware and not some P2P/torrent connection, then whatever is on your computer could just remove it from the hosts file.

I mean you have nothing to lose by doing it, but I'd investigate a bit further, like for instance with Wireshark, as someone previously pointed it out.

Use an anti virus scanner, idiot.

The only one worth using. Get 2.0b.

zainadeel.deviantart.com/art/Blend-2-0-for-Windows-7-191678865

>and not some P2P/torrent connection
These are legit (md5 checked) windows services that are uploading shit to that ip

i don't know what's going on anymore

I already ran Malwarebytes and Spyhunter Portable scanner in deep mode and nothing is found.

What should I use to find that shit?

Maybe its not a virus or anything but just Windows doing their botnet shit and selling shit to the data to the chinks

>nothing unusual about a 32 bit svchost in 64 bit Windows that was installed months after Windows
Ok.

What's the actual service sending data to it? Can you get like a process ID or something from GlassWire? The fact that "something" is connected to "somewhere" is not much to go on.

I know this sounds paranoid, but...is there anything to vouch for the integrity of System Explorer itself?

There's virustotal. It's also running on Windows, so unless you take everything apart with a disassembler and fifty security audits, you can never really be sure.

Nope. Stupid cucks in here honestly believe that anything a program running ON an operating system can do could possibly uncover a proper rootkit / malware.

A software rootkit is invisible to the host OS itself. Only way to verify it is by booting a different OS and verifying the integrity of the entire boot path from there.

However, the only way to eliminate a hardware rootkit is to replace the hardware.

Do you run any servers on Windows?
If you do, it could just be a simple port scan.

>What's the actual service sending data to it

i don't, other than KMSpico which didn't actually work but i was too lazy to remove that.

i forgot to mention that i got my pc taken away from the police and when they returned it after months they somehow froze the bios making it unable to access. Before that shit happened it booted to windows pretty fast but now it waits on the bios screen like 30 seconds before continuing. When i try to access it using DEL it just freezes and then i have to force restart it. Now i can't even reformat my drive and install a new OS. Resetting the BIOS didn't work either.

Maybe there is a link here in between? But still im from europe and here im dealing with some strange chink shit

>i forgot to mention that i got my pc taken away from the police and when they returned it after months they somehow froze the bios making it unable to access. Before that shit happened it booted to windows pretty fast but now it waits on the bios screen like 30 seconds before continuing.
HOLY SHIT dude your hardware is bugged

have you at least tried clearing the CMOS?

>What's the actual service sending data to it

no way to find out

>i forgot to mention that i got my pc taken away from the police

...why?

>have you at least tried clearing the CMOS

could you tell me how to do that? And also with reset, i actually mean i just took the battery on the motherboard out for some minutes. Is there a better way?

>windows
>can't even find out which service is sending data to china

NSA/microsoft, not even once

>i forgot to mention that i got my pc taken away from the police and when they returned it after months they somehow froze the bios

This fucking thread.

i think it was unrelated and the only strange shit i see on my system is that weird chinese ip connecting with legit windows processes

>But still im from europe
Which gestapo country are you from so I can avoid ever traveling there?

I'm just curious why did the police take your computer. what did you do?

>legit Windows process

Just take your whole motherboard and throw it in the garbage. Or submerge it in acid. That computer is far beyond saving.

hate speech on Sup Forums

...

OP HERE

Anyone knows how to reset or update the firmware on Motherboard F1A55-M LE - ASUS?

Yes, I do.

MICROWAVE RADIATION UNTIL THE FIRE CONSUMES THE CMOS!

Just go to a hardware store and get a hacksaw. Not even joking. Chinese malware is the least of your concerns.

but then where to get dem money to buy a new one

I know updating your computer is hard these days. Don't give up on yourself. Just hang in there! You'll understand the game soon enough. I believe in you, user-kun

yeah but what do when my bios is inaccessible?

>unbreakable

You are such a fucking faggot, holy shit.

>bios
>inaccessible
then you throw away your motherboard

you turn off the computer, take out the CMOS battery (pic related), leave it for like 5 minutes and put it back in

...

you need to know my last name or it wont make sense

already did that, didn't change anything like i said here

He did that already. Although you might have to short two pins on certain ASUS motherboards in addition to taking the battery out.

>2016
>WinRAR

what else would i use ?

>Windows 8.1
lol

7zip

looks shit, slow

What did you say?

The Apple MacBook Pro with Retina Display doesn't have this problem.

Yea, but you get aids and muslim bombings instead.

>SpyHunter
I think I found the malware.

You're running the md5 of the file on the hard drive. The process is running from memory. You must also check that the process in memory matches the file on the hard drive.

but you must also make sure your view of the memory is not being altered

and that your program is running as expected

and that no processes are being hidden from it

and that no code is being hidden from the kernel

etc.

True, but I haven't personally dealt with those situations so I can't speak to them