When I first log in to my PC, I got connections via Svchost(NetworkService) to a few IP addresses including an addr.btopenworld, 220.127.116.11, 18.104.22.168, comodoca.crl and apps.digsigtrust. The most data received seems to be from the 22.214.171.124. I first noticed all this months ago but couldn't find a reason, and various tools and scanner turned up nothing, my pc continued to run fine. The connections also occurred when connecting to Steam and when Premiere Pro or other adobe products were transmitting usage data. It also occasionally does it while I use chrome. I used Process Explorer and the service within Network Service that was making the connections was CryptSvc.
Based on the response on it and several other peoples opinions, along with the connections being very brief and reproducible, I don't think it was a virus or anything like that. My work PC makes a connection like the ones described above when it boots up, though its to akamai. My brothers computer also had many of the same connections that mine did. So now I want to actually know what is causing these checks? I have checked startup programs on my PC, all I have is Avast, intel usbmon 3.0 and something by creative technologies that I believe is sound related. Does anyone else experience similar connections?
I am on Window 7N, my connection is BT using a TP-Link adapter and a router.
Any help is appreciated, thank you
Just some more info. MalwareBytes, Avast and HitmanPro turned up nothing. AdwCleaner found a file, but it seems to be an auto generated file when you save in Deus Ex Human Revolution. I ran TDSSKiller. It found 1 suspicious file. RazerService.exe located inside Razer file. I have a Razer keyboard, and the reason it flagged it was it was not digitally signed. Removed the file anyway but it seems to have been a false positive.
Edited by HairyApricot, 11 June 2016 - 12:05 PM.