Hello. I’ve noticed Commodo Agent connecting to an IP located at “220.127.116.11”. Searching on google sent me directly in this forum and it appears it’s an IP used by the Comodo cloud. Great then, i should not worry.
However, a few minutes earlier, explorer.exe asked me for access to IP “18.104.22.168” Is this IP also used by Comodo? I blocked this request until i have investigated it, but the first results i got from google don’t really look clean to me :
(scroll to the bottom, you’ll see the IP mentioned)
* There were registered attempts to establish connection with the remote hosts. The connection details are: Remote Host Port Number 22.214.171.124 80Also : http://www.threatexpert.com/report.aspx?md5=d319cffa3cb8d8f7cc2270d533e1db95 I didn't found any of the files listed in those pages so i hope i'm clean.
The IP is quite similar to several IPs used by Comodo and it’s hosted by FortressITX, but i didn’t find any mention of it on this forum. Is there a list of IPs used by Comodo somewhere. Is it a common behaviour for explorer.exe to connect to a non-local IP at system boot?