Hello, im using the firewall free by comodo
and recently noticed strange loads of
Svchost.exe UDP outbound connections from
192.168.2.3:52000-58000 - > destionation: 192.168.2.1:53
Belkinwcui.exe
ICMP OUT 192.168.2.3 → destination 192.168.2.1
ICMP OUT 192.168.2.3 → destination 67.20.176.130
Please help?
I’m guessing your router address is 192.168.2.1? UDP to destination port 53 are DNS queries, which is one if the functions of svchost.
Belkinwcui.exe ICMP OUT 192.168.2.3 -> destination 192.168.2.1 ICMP OUT 192.168.2.3 -> destination 67.20.176.130
Belkinwcui.exe is a utility used by Belkin routers and 67.20.176.130 belongs Belkin…
NetRange: 67.20.176.128 - 67.20.176.135
CIDR: 67.20.176.128/29
OriginAS:
NetName: SUNGARD-FE707F78-49BC-44DF-BAC
NetHandle: NET-67-20-176-128-1
Parent: NET-67-20-160-0-1
NetType: Reassigned
RegDate: 2009-02-20
Updated: 2009-02-20
Ref: http://whois.arin.net/rest/net/NET-67-20-176-128-1
CustName: Belkin International, Inc.
Address: 7499 East Paradise Lane Suite 108
City: Scottsdale
StateProv: AZ
PostalCode: 85260
Country: US
RegDate: 2009-02-20
Updated: 2011-03-19
Ref: http://whois.arin.net/rest/customer/C02162368
Okay so it schould be this way? Only difference is that i installed Comodo with your DNS service “protection”
and lately “block all incoming connections and make my ports invisible” in the Settings panel
But why are my computer always making such connections just now lately after like 2 days?
i havent done anything just played game and browsed some forums
Not ‘my’ DNS, I don’t work for Comodo 
Using the stealth ports wizard to add a block rule can potentially increase the number of log entries.
[
But why are my computer always making such connections just now lately after like 2 days?
i havent done anything just played game and browsed some forums
Impossible to say why it appears to have started happening suddenly, without more information. DNS queries are a normal part of everyday life and they are numerous. Perhaps if you look as which applications you’re running, it may give you an idea as to which may be requesting these services.
As for the router utility, you’ll have to read your router manual to find out what it does, perhaps you can turn it off. Filing that you could create a firewall rule to block this connection.
Okay hm i checked with Tasklist /SVC
svchost.exe pid 1988 Service: Dnscache
What more to check i mean it’s “on” everytime and i havent done anything special
On Windows, svchost is responsible for performing DNS queries on behalf of all running processes., So, every time you launch your browser, it will ask svchost to perform DNS queries for any site you wish to visit or for any automatic updates etc.
What I was referring to above, was seeing which applications you’re running, browser, games, email etc, when the queries are being logged. Perhaps if you close all running applications and then launch one by one, whilst monitoring the logs. It might also be helpful to know which addresses the queries are for when any given application is running.
If ‘problems’ persist, it may be worth posting a query in the Comodo Secure DNS forum, as I don’t personally use the service.