S
sss190
Hello,
Recently I noticed this 2 strange network activities on my pc
(LAN internet, real IP, running winXP w/Kerio)
(1) svchost.exe trying to access multiple different sites on (remote
port 80
Such attempts are made all the time. Kerio sometimes resolves th
addresses as belonging to akamaitechnolgies something o
reversetheplanet,etc. I supposed this was caused by spyware/adware bu
running Web Root Spy Sweeper (which is ON all the time) produce
nothing. I also looked at the list of processes in svchost.exe bu
could not figure out which could be causing the problem.
(2) Multiple incoming requests on local port 1026 and port 20234
Kerio registers a great deal of these. Probably I would not be worried
since these ports are closed on my machine by Kerio and dropped 100% o
the time, but I am getting more than 50 calls to port 20234 in
minute.
You can take a peek at excerpt from my Kerio log, where I have include
several records from the log to show details on the above mentione
problems. It includes a several requests of each type where you can se
details on ports and addresses and also the contents of svchost.exe.
'partial log' (http://www.angelfire.com/linux/moterin/log_excerpt.txt
If you know what is causing this or you've had similar experience, you
help/advise would be appreciated!
Moteri
Recently I noticed this 2 strange network activities on my pc
(LAN internet, real IP, running winXP w/Kerio)
(1) svchost.exe trying to access multiple different sites on (remote
port 80
Such attempts are made all the time. Kerio sometimes resolves th
addresses as belonging to akamaitechnolgies something o
reversetheplanet,etc. I supposed this was caused by spyware/adware bu
running Web Root Spy Sweeper (which is ON all the time) produce
nothing. I also looked at the list of processes in svchost.exe bu
could not figure out which could be causing the problem.
(2) Multiple incoming requests on local port 1026 and port 20234
Kerio registers a great deal of these. Probably I would not be worried
since these ports are closed on my machine by Kerio and dropped 100% o
the time, but I am getting more than 50 calls to port 20234 in
minute.
You can take a peek at excerpt from my Kerio log, where I have include
several records from the log to show details on the above mentione
problems. It includes a several requests of each type where you can se
details on ports and addresses and also the contents of svchost.exe.
'partial log' (http://www.angelfire.com/linux/moterin/log_excerpt.txt
If you know what is causing this or you've had similar experience, you
help/advise would be appreciated!
Moteri