This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

DNS query to non local and non routable IP

0

I noticed by accident that my computer is sending DNS queries to 192.168.1.1 despite being on a class A internal network (10.0.0.0).

The queries go to the firewall's MAC address; the firewall's IP is 10.0.0.1.

I don't have 192.168.1.1 registered as a DNS server in my network settings.

I guess the query goes to the firewall because it's the default gateway and there's no static route to a 192.168.1.10 subnet? But how do I find out what on my computer is sending the queries to this class C address, and why?

asked 28 Oct '13, 07:54


Molotch
6113
accept rate: 0%

What is your client OS and version?

(28 Oct '13, 08:58) Kurt Knochner ♦

Windows 7 x64 Enterprise with SP1.

(28 Oct '13, 13:31) Molotch

One Answer:

1

But how do I find out what and why on my computer is sending the queries to this class C address?

This is nothing you can solve with Wireshark, as every program on Windows will call system APIs for DNS resolution. Thus every DNS query will be created by some system component, and you will not be able to figure out which program (originally) triggered the DNS query just by looking at the network capture, as there is no information in the DNS packets about the originator.

See also here: http://ask.wireshark.org/questions/26171/how-can-i-determine-which-application-is-sending-dns-queries-to-my-bind-server?page=1&focusedAnswerId=26234#26234

So, on Windows you have the following options:

  • Dump the whole network configuration and check if there is a reference to 192.168.1.1:

netsh dump | find "192.168.1.1"
ipconfig /all | find "192.168.1.1"

  • Search the registry for 192.168.1.1.
  • Take a look at the DNS queries and the names in those queries. Maybe there are typical names that can help to identify a certain tool/software on your system.
  • Get an API call tracer/monitor (search Google) and try to watch calls to the DNS resolver API.
  • Try to use the new Microsoft Message Analyzer to find the process that triggers the DNS queries (not sure if that would work).

Besides that, there is not much you can do on Windows, at least I don't know more than the things listed above.

Regards
Kurt

answered 28 Oct '13, 14:28


Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 28 Oct '13, 14:37
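The first two options in the answer (dump the network configuration, search the registry) carried out in one script, as an added example that is not part of Kurt's answer. It assumes the stray resolver address from the question (192.168.1.1) and Windows 7 or later with PowerShell; the WMI class and registry path used exist on those versions.

```powershell
# Added example: find where a DNS resolver address is configured on a Windows host.
# $Target is the unexpected resolver from the question; change it for your own case.
$Target = '192.168.1.1'
$hits = @()

# 1. DNS servers configured on every adapter (Win32_NetworkAdapterConfiguration works on
#    Windows 7 and needs no DnsClient module). DHCPEnabled tells you whether DHCP or a
#    static setting could have put the address there.
Get-WmiObject Win32_NetworkAdapterConfiguration |
    Where-Object { $_.DNSServerSearchOrder -contains $Target } |
    ForEach-Object {
        $hits += "Adapter '$($_.Description)' (DHCP=$($_.DHCPEnabled)) lists $Target"
    }

# 2. Per-interface TCP/IP registry keys: NameServer holds static resolvers,
#    DhcpNameServer the ones handed out by DHCP. Both are space- or comma-separated strings.
$ifaceRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'
Get-ChildItem $ifaceRoot | ForEach-Object {
    $props = Get-ItemProperty $_.PSPath
    foreach ($name in 'NameServer', 'DhcpNameServer') {
        $value = "$($props.$name)"
        if ($value -match [regex]::Escape($Target)) {
            $hits += "Registry $($_.PSChildName) $name = $value"
        }
    }
}

# 3. The full netsh configuration dump, the same check the answer does with find.
netsh dump | Select-String -SimpleMatch $Target | ForEach-Object {
    $hits += "netsh dump: $($_.Line.Trim())"
}

# 4. Names the resolver has recently looked up. Unusual names here can point at the
#    software responsible, which is the answer's third suggestion.
$recentNames = ipconfig /displaydns |
    Select-String 'Record Name' |
    ForEach-Object { ($_.Line -split ':\s*', 2)[1] } |
    Sort-Object -Unique

if ($hits) {
    $hits | ForEach-Object { Write-Output $_ }
} else {
    Write-Output "No configured reference to $Target found. The queries likely come from"
    Write-Output "software with its own resolver settings rather than from the system resolver."
}
Write-Output "Recently resolved names (first 20):"
$recentNames | Select-Object -First 20 | ForEach-Object { Write-Output "  $_" }
```

Run it from an elevated PowerShell prompt so the registry keys and netsh dump are fully readable; a match in the DhcpNameServer value means the address was handed out by a DHCP server, not set locally.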

Thank you for a good answer. I'll try your suggestions and see what I can find out.

(29 Oct '13, 10:47) Molotch