Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Connection to MS


  • Please log in to reply
17 replies to this topic

#1 WhatsWrongWithIt

WhatsWrongWithIt

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:12:36 PM

Posted 25 April 2018 - 09:02 AM

Why would I have a permanent connection to 13.79.239.69:123 a Microsoft azure in Ireland?



BC AdBot (Login to Remove)

 


#2 xrobwx

xrobwx

  • Members
  • 197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Panama City Beach, FL USA
  • Local time:06:36 AM

Posted 25 April 2018 - 09:23 AM

Are you running a program called Proxifier? Or a program called WindowsSpyBlocker?

 

https://github.com/crazy-max/WindowsSpyBlocker

 

https://github.com/crazy-max/WindowsSpyBlocker/blob/master/logs/win81/sysmon-unique.csv


Edited by xrobwx, 25 April 2018 - 09:26 AM.

7581204627.png


#3 WhatsWrongWithIt

WhatsWrongWithIt
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:12:36 PM

Posted 25 April 2018 - 09:48 AM

No 

 



#4 jenae

jenae

  • Members
  • 836 posts
  • ONLINE
  •  
  • Local time:10:36 PM

Posted 26 April 2018 - 02:56 AM

Hi, well that is the address of the mother of all datacentres, Microsoft Azure the cloud based azure service, Google "Azure" for more info.

 

To see what process is calling this, open a cmd as admin and copy paste this:-

 

echo > 0 & netstat -a -n -o >> 0 & tasklist /v >> 0 & echo >> 0 & notepad 0 (press enter)

 

Match the PID in the first output cmd (IP address) to a process (PID) in the second ( all in the one notepad output)



#5 WhatsWrongWithIt

WhatsWrongWithIt
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:12:36 PM

Posted 26 April 2018 - 10:45 PM

Thats brilliant (and a real eye opener)

Thanks very much

#6 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,082 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 27 April 2018 - 06:34 AM

So.....what process is calling it ?


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#7 WhatsWrongWithIt

WhatsWrongWithIt
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:12:36 PM

Posted 28 April 2018 - 04:31 AM

Long story short it tracker down to a time service.  I have a constant loop where time is synchronised to it, then there is an error and it then synchronises to another MS Azure data centre.  I haven't asked for an explanation as I doubt Id understand the answer, but if there is a simple explanation let me know it !!

 

The time service is now synchronizing the system time with the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->13.79.239.69:123) with reference id 1173311245. Current local stratum number is 3.

 

The time provider 'VMICTimeProvider' has indicated that the current hardware and operating environment is not supported and has stopped. This behavior is expected for VMICTimeProvider on non-HyperV-guest environments. This may be the expected behavior for the current provider in the current operating environment as well.

 

The time provider NtpClient is currently receiving valid time data from time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->51.141.32.51:123).



#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:36 AM

Posted 28 April 2018 - 08:27 AM

The following needs to be run using an Administrator account.  

Click/tap on the Search icon (magnifing glass) in the Taskbar and type cdm.

PLrbrFc.png

You will see Command Prompt under Best match, right click on Command Prompt and select Run as administrator.

Copy and paste the commands below in the Command Prompt, then press Enter after each command.

net stop w32time

w32tm /unregister

w32tm /register

net start w32time


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 WhatsWrongWithIt

WhatsWrongWithIt
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:12:36 PM

Posted 28 April 2018 - 09:10 AM

All done, although the first line got the response 

 

The windows time service is not started more help is available by typing Net HelpMsg 3521 (Typing this got the response the *** service is not started)

 

I repeated a second time to check and this time the first line got the response 

 

The windows time service is stopping

The Windows time service was stopped successfully

 

(Yes I did run the 2, 3 and 4 Lines after) 

 

Thanks



#10 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:36 AM

Posted 28 April 2018 - 09:32 AM

Press the Windows key OS4o0pO.png and the R key to open the Run box.

 

Type services.msc in the run box, click OK.

 

Scroll down to the Windows Time service and double click it.

 

Under Service status: click on Start

 

Attached File  windows time service.PNG   21.05KB   0 downloads


Edited by dc3, 28 April 2018 - 02:04 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 WhatsWrongWithIt

WhatsWrongWithIt
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:12:36 PM

Posted 28 April 2018 - 10:40 AM

The Run box appears but on hitting enter after typing services, the box closes with no error or message

 

(it does work for other things example, if I type cmd for example the command prompt does appear)



#12 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:36 AM

Posted 28 April 2018 - 10:48 AM



The Run box appears but on hitting enter after typing services, the box closes with no error or message

 

(it does work for other things example, if I type cmd for example the command prompt does appear)

The instructions I provided stated to click on OK, pressing Enter is not the same.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#13 WhatsWrongWithIt

WhatsWrongWithIt
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:12:36 PM

Posted 28 April 2018 - 01:31 PM

Typo I did select ok and Ive double checked I did - services will not open anything

Attached Files



#14 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:36 AM

Posted 28 April 2018 - 02:04 PM

I made an error, in the Run box you need to type in services.msc , then click on OK.  This will open Services.  Follow the rest of the instructions in post #10.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#15 WhatsWrongWithIt

WhatsWrongWithIt
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:12:36 PM

Posted 29 April 2018 - 09:37 AM

Thanks DC3- that's better - I notice its set to Manual start-up though. Should it be changed to automatic or do these bloomin PC things need time to stop in certain scenarios?!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users