Author Topic: svchost.exe outbound udp to Centregate Research  (Read 3699 times)

Offline cavehomme

  • Comodo's Hero
  • *****
  • Posts: 319
svchost.exe outbound udp to Centregate Research
« on: October 12, 2010, 04:50:54 AM »
I noticed this morning that svchost.exe is connecting outbound UDP to IP address 156.154.70.22 and it does it every few minutes.

When I lookup this IP address it is assigned to -

156.154.70.22 - Geo Information
IP Address    156.154.70.22
Host    156.154.70.22
Location    US US, United States
City    Sterling, VA 20166
Organization    NEUSTAR
ISP    NEUSTAR
AS Number    AS12008 Centergate Research, LLC.

Can anyone throw any light as to what this connection is all about please, before I get too worried  :o
Windows 7 HP 32
Firewall: Windows
AV: CAV, Hitman Pro
Browser: Comodo IceDragon
Comodo DNS enabled

Offline cavehomme

  • Comodo's Hero
  • *****
  • Posts: 319
Re: svchost.exe outbound udp to Centregate Research
« Reply #1 on: October 12, 2010, 06:22:24 AM »
I think  that I may have answered my own question. According to Wireshark this IP is connecting to downloads.comodo.com

It is a pity that extra tools are needed to investigate these kinds of things and that IP lookups and further details are not available within CIS.
Windows 7 HP 32
Firewall: Windows
AV: CAV, Hitman Pro
Browser: Comodo IceDragon
Comodo DNS enabled

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 19363
Re: svchost.exe outbound udp to Centregate Research
« Reply #2 on: October 12, 2010, 06:36:13 PM »
The IP address is one of the two addresses of Secure DNS:
156.154.70.22
156.154.71.22

Offline cavehomme

  • Comodo's Hero
  • *****
  • Posts: 319
Re: svchost.exe outbound udp to Centregate Research
« Reply #3 on: October 13, 2010, 04:54:04 AM »
OK that makes sense, thanks
Windows 7 HP 32
Firewall: Windows
AV: CAV, Hitman Pro
Browser: Comodo IceDragon
Comodo DNS enabled

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek