Well, I just notticed CBupdater.exe was listenting some ports, and receiving inbound connections, and sending outbound connections… to some unknown IPs. Is this normal? The addresses were not always the same. I will give details:
TCP OUT 220.127.116.11:1863 (Microsoft Corp)
TCP OUT 18.104.22.168:1863 (Microsoft Corp)
TCP IN 22.214.171.124:12000 (LACNIC)
I checked the IPs at ARIN WHOIS Database, and found it was sending data to Microsoft… ???
I have blocked the inbound and outbound connections, until I get some info about if this is a normal behaviour. Spybot Search&Destroy and Avast! say the file is not infected, and it is not spyware… but I am still unsure about why it needs to talk with MS.
I will attach a screenshot of the connection, as I said, it changed in time…
[attachment deleted by admin]