- Messages
- 828
I've recently installed Windows 8.1 and I noticed Svchost is constantly attempting to connect to Google. As I don't use any google services, apart from Gmail (via thunderbird) and I firefox only as my browser, I'm quite curious.
My firewall log gas lots of entries similar to these:
The IP addresses:
The PID (920 currently) for the Svchost in question leads to:
Appinfo
BITS
gpsvc
iphlpsvc
LanmanServer
ProfSvc
RasMan
Schedule
SENS
ShellHWDetection
Themes
Winmgmt
I'm quite familiar with these services but I can't relate any of them to the connections shown above. I had a look through Task Scheduler but couldn't find any Google related tasks.
I'm probably missing something here...
Anyone have any ideas?
My firewall log gas lots of entries similar to these:
Code:
25/03/2015 19:17:20 | 920 | Host Process for Windows Services | C:\windows\system32\svchost.exe | Out | 59684 | 173.194.71.132 | 443 | TCP
25/03/2015 19:17:20 | 920 | Host Process for Windows Services | C:\windows\system32\svchost.exe | Out | 59685 | 173.194.71.132 | 443 | TCP
25/03/2015 19:16:20 | 920 | Host Process for Windows Services | C:\windows\system32\svchost.exe | Out | 59682 | 64.233.164.132 | 443 | TCP
25/03/2015 19:16:20 | 920 | Host Process for Windows Services | C:\windows\system32\svchost.exe | Out | 59683 | 173.194.71.132 | 443 | TCP
25/03/2015 19:15:20 | 920 | Host Process for Windows Services | C:\windows\system32\svchost.exe | Out | 59680 | 64.233.164.132 | 443 | TCP
25/03/2015 19:15:20 | 920 | Host Process for Windows Services | C:\windows\system32\svchost.exe | Out | 59681 | 64.233.164.132 | 443 | TCP
25/03/2015 19:14:20 | 920 | Host Process for Windows Services | C:\windows\system32\svchost.exe | Out | 59678 | 64.233.164.132 | 443 | TCP
25/03/2015 19:14:20 | 920 | Host Process for Windows Services | C:\windows\system32\svchost.exe | Out | 59679 | 64.233.164.132 | 443 | TCP
25/03/2015 19:13:20 | 920 | Host Process for Windows Services | C:\windows\system32\svchost.exe | Out | 59632 | 64.233.164.132 | 443 | TCP
The IP addresses:
Code:
==================================================
Order : 1
IP Address : 173.194.71.132
Status : Succeed
Country : USA - California
Network Name : GOOGLE
Owner Name : Google Inc.
From IP : 173.194.0.0
To IP : 173.194.255.255
CIDR : 173.194.0.0/16
Allocated : Yes
Contact Name : Google Inc.
Address : 1600 Amphitheatre Parkway, Mountain View
Email : arin-contact@google.com
Abuse Email : arin-contact@google.com
Phone : +1-650-253-0000
Fax :
Whois Source : ARIN
Host Name :
Resolved Name :
==================================================
==================================================
Order : 2
IP Address : 64.233.164.132
Status : Succeed
Country : USA - California
Network Name : GOOGLE
Owner Name : Google Inc.
From IP : 64.233.160.0
To IP : 64.233.191.255
CIDR : 64.233.160.0/19
Allocated : Yes
Contact Name : Google Inc.
Address : 1600 Amphitheatre Parkway, Mountain View
Email : arin-contact@google.com
Abuse Email : arin-contact@google.com
Phone : +1-650-253-0000
Fax :
Whois Source : ARIN
Host Name :
Resolved Name :
==================================================
The PID (920 currently) for the Svchost in question leads to:
Appinfo
BITS
gpsvc
iphlpsvc
LanmanServer
ProfSvc
RasMan
Schedule
SENS
ShellHWDetection
Themes
Winmgmt
I'm quite familiar with these services but I can't relate any of them to the connections shown above. I had a look through Task Scheduler but couldn't find any Google related tasks.
I'm probably missing something here...
Anyone have any ideas?
My Computer
System One
-
- OS
- Windows 7 x64 Ultimate/Windows 8.1/Linux
- CPU
- FX-8350
- Motherboard
- GA-990XA-UD3
- Memory
- 16GB DDR3 Corsair Vengeance
- Graphics Card(s)
- HD7860
- Sound Card
- Xonar Essence STX
- Monitor(s) Displays
- Benq
- Screen Resolution
- 1920x1080
- Hard Drives
- Various
- PSU
- Corsair HX 850W
- Case
- Corsair Obsidian
- Cooling
- Thermalright
- Keyboard
- Logitech
- Mouse
- Logitech
- Internet Speed
- 50/50
- Browser
- firefox