Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Svchost.exe outbound connections.


  • Please log in to reply
6 replies to this topic

#1 keyes528

keyes528

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 03 July 2014 - 11:51 AM

Hi, I have found through kaspersky that my svchost.exe sometimes makes an outbound connection, sometimes 2, to akadns/akamai related IP addresses.

Is this serious? could it be malware? I also see google chrome when I load it has some outbound connections to Washington, Redmond which is to the google hq which I believe is fine, but why is svchost doing this? I had windows update running if it makes a difference. Would it help if I posted the IPs?

I have ran scans with mbam, mse, spybot, norton, npe, kaspersky and tdsskiller, and it has come clean.

BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:39 AM

Posted 03 July 2014 - 12:30 PM

Welcome to Bleeping computer.

 

Please read the article at Wikipedia for information on Akadns/Akamia.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 keyes528

keyes528
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 03 July 2014 - 12:38 PM

Welcome to Bleeping computer.
 
Please read the article at Wikipedia for information on Akadns/Akamia.

Hi, would you be able to analyze these ips?

77.61.21.216

134.70.51.254

65.55.138.189

77.67.21.206

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,542 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:39 AM

Posted 03 July 2014 - 01:18 PM

It's perfectly normal for svchost connections to result in outbound connections, see

 

a.  What is svchost.exe And Why Is It Running the How-To Geek - http://www.howtogeek.com/howto/windows-vista/what-is-svchostexe-and-why-is-it-running/

 

b.  How to determine what services are running under a SVCHOST.EXE process - http://www.bleepingcomputer.com/tutorials/tutorial129.html

 

Louis



#5 keyes528

keyes528
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 03 July 2014 - 01:21 PM

It's perfectly normal for svchost connections to result in outbound connections, see
 
a.  What is svchost.exe And Why Is It Running the How-To Geek - http://www.howtogeek.com/howto/windows-vista/what-is-svchostexe-and-why-is-it-running/
 
b.  How to determine what services are running under a SVCHOST.EXE process - http://www.bleepingcomputer.com/tutorials/tutorial129.html
 
Louis


Hi, do those ips seem malicious for svchost on outbound connections?

Who.is said some were akamai and microsoft, but spme were just ips. Could you check them? Im worried.

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 55,542 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:39 AM

Posted 03 July 2014 - 01:59 PM

Sorry...I don't have any facility for "checking IPs" than you do.

 

Louis



#7 keyes528

keyes528
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:12:39 PM

Posted 03 July 2014 - 02:03 PM

Then what must I do? Could you use who.is or virustotal to check them? I checked them but I dont know if they're malicious




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users