When I boot up, I only have one program that loads that connects to the internet, Avast. Yet for some reason, NetworkService connects to addr.btopenworld.com, and either securenet, comodoca.crl or app.digsigtrust.com.
Some the the IP Addresses that I have also found when this happens are:
126.96.36.199- This one seems to download the most data when the connections happen.
188.8.131.52- This one appears on occasion.
It also makes the same connections to comodoca.crl when I am exiting adobe products like premiere pro or when I sometimes log into steam. These connections last the same length, only for 20sec to a minutes. When they do happen, I checked the disk activity on NetworkService and it seems to be reading CrypnetURL's. The only 4 services running in that group are NlaSvc, CryptSvc, LanmanWorkstation and Dnscache.
I checked autoruns and there doesn't seem to be anything odd loading when my PC boots up, and nothing listed in CCleaner either. I have run HitmanPro, ADWcleaner, MalwareBytes, and Avast. Nothing. I also used Process Monitor and found nothing out of the ordinary there either.
This has been going on for months now, and now I just want to know why? And help at all would be appreciated
Bit more information. I am running Windows 7 64 bit and I use TP-Link Wireless adapter to connect to my Router.
Edited by HairyApricot, 05 June 2016 - 05:11 AM.