I blocked this outbound connection when it popped up this morning after logging into my PC. The only program I installed yesterday was the new Champions Online Beta from FilePlanet. I had rebooted several times during and since the install and not seen this message before. There are no additional (visible) services or applications running during or after boot up.
That IP address comes up as:
OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
Your IP look up is wrong.
Actual information for the IP is.
92.242.128.0 - 92.242.159.255
UK-BAREFRUIT-20071227
BAREFRUIT-AS Barefruit Ltd Autonomous System
country:UK
Don’t worry.
It not an attack, you can allow it.
Because your ISP use “http://www.barefruit.co.uk/” DNS and HTTP service.
92.242.144.10 belongs to http://www.barefruit.co.uk/
Visit barefruit website. You will see what kind of service they provide.
You can call your ISP. They will say samething like me.
If you use Comodos DNS servers, it’s quite likely you will see redirects to Barefruit on occasion. The reason for this is they offer a service that replaces the usual 404 message with something more informative.
??? can you, or anyone, tell me why spoolsv.exe would be trying to connect there (92.242.144.10:xxx) when I attempt to print something from my computer? That’s what the firewall is telling me it’s doing. I haven’t used my printer (Brother MFC 420CN) since before I recently updated Comodo Firewall and now I can’t print or scan. The printer’s installation diagnostic software states it’s installed correctly but unable to communicate. I tried complete uninstall and reinstall of the printer software.
Interestingly enough, I uninstalled and reinstalled CF BEFORE having this problem. I thought it was kind of strange that it hadn’t updated in a while and when I tried to manually update via the program, I got error messages. Like I said, I uninstalled, ran CCleaner and DL’d it again. Am I going to have to do uninstall-reinstall again?
In any case, I still don’t see why that should have to do with the spool server trying to route to breadfruit’s site.
Please help before I go bald from pulling my hair out! ;D
oh, also FWIW I am only using the firewall not Comodo’s antivirus. I have avast AV.
Unfortunately, the description of Audiodg.exe doesn’t exactly provide many clues as to its function. Essentially, this system process loads in the context of svchost and provides isolation of third-party audio drivers and DRM processing. It also provides access to kernel mode components.
Barefruit is a company that works with DNS providers to display targeted advertising through landing pages, instead of the usual HTTP/DNS error pages. If I remember correctly, this company is used by UltraDNS who used to host Comodos DNS services - Comodo now have their own DNS services.
To try and understand why you’re seeing these connections, we’d need, if possible, a little more information, such as the IP address involved in the query, assuming it’s not just barefruit. The type of audio software in use and whether it’s using DRM.