I just caught a new Windows 10 process trying to talk online: remsh.exe

If you suddenly have a Program Files\rempl\remsh.exe, it is attempting to communicate with Microsoft servers. I’m still investigating what the shit it is, but it wasn’t present before so they must have snuck it into an update.

Looks like it initiated by the task scheduler. They added two new entries Microsoft\Windows\rempl shell and shell-unlock

I’d advise disabling these until info is released on what they do. As I said, I only caught it because my firewall alerted me to the attempt to talk to

Privacy Galaxy!

Posted in digital security, internet surveillance, net neutrality, nothing to hide, privacy, text