Anyone know why im seeing the following domain under svchost.exe and chrome.exe? The domain is associated with malware from my research but not sure whats going on but would like to figure it out…let me know if you have any insight.
PIDs are coming up under svchost,nvidia and google chrome for that domain.
Yes, unfortunately that domain does show as high risk if you use our host search feature.
https://www.glasswire.com/host/
I recommend that you scan your PC with Windows Defender, then do the same with Malwarebytes.
You can also turn on VirusTotal with our app in settings, then check all network-related apps under the firewall.
Yeah I’ve done all that, seems to be something on the network or the router itself so looking a bit deeper.
Very strange! GlassWire is an endpoint monitor, so it should only detect what’s going on with that PC.
It could be worth reinstalling Windows in this case.
1 Like
yeah its very strange because when I switch networks its normal, all process connections are normal on all other networks but when connected to this particularly router I am getting that domain for many PIDs… talking to some other people at router company and learning about it more before reinstalling.
Perhaps you should consider just ditching that router and buying a new one, or doing a factory reset.