Is Raqscan.exe typically safe?

Lately when I turn on my notebook COMODO presents the following warning:

c:\windows\system32\reqscan.exe has modified IEXPLORER in memory.
Application: IEXPLORER.EXE
IP: 68.87.71.226 Port: dns(53) UDP.

Based on the information above, is it generally safe to Allow this or should I Deny?

Thank you in advance for any suggestions.

A fast google search turns up that c:\windows\system32\reqscan.exe does not turn any references. Which is a really bad sign if it is any kind of legitimate file.

On the other hand, c:\windows\system32\regscan.exe (that’s a G, not a Q), is a known piece of malware. If this is what you’ve got, then your machine is infected with something that you don’t want. Details at Regscan - regscan.exe - Program Information

IP address 68.87.71.226 has an inverse resolve of cns.chelmsfdrdc2.ma.boston.comcast.net

I would take that to mean that if you are not a comcast.net subscriber in the Boston, MA, USA area then you’ve definitely got yourself a problem.

Given those encouraging results, I would suggest running a HiJackThis scan on your machine, and making a posting at one of the web forums that handle cleanup of infected machines. Soon.

Hi Grue155,

First, thank you very much for your helpful reply.

Yes, you are right, I misspelled the regscan, it is G.

I am a Comcast subscriber at home (I am in Massachusetts) but to Verizon DSL (via Earthlink) at work. But it sounds like this is a malware. I think it started when I upgraded my ActiveSync from version 3.7 to 4.5, very recently. Although I may be confusing the timing.

Anyway, I will download HiJackThis and try to scan my pc.

Again, I appreciate your help very much.

Dmitry

P.S. Regarding how you inversed the IP address; is there a site where you can enter IP and get the name?

There are several web based sites that will do an IP address lookup: dnsstuff.com, domaintools.com, geektools.com. Google for the phrase “reverse DNS lookup”.

There are also programs that will do the work. WinXP has the command line tool “nslookup”, although if you are unfamiliar with how DNS records are structured, that tool can be maddening.

Thank you very much for your help.