Help With Log Entry

Discussion in 'ESET Smart Security' started by RickFriedman, Nov 13, 2009.

Thread Status:
Not open for further replies.
  1. RickFriedman

    RickFriedman Registered Member

    Joined:
    Jun 15, 2004
    Posts:
    13
    Location:
    New York City
    I Have ESS 4.0.467. Today, I started seeing entries in the firewall log stating, "Packet blocked by active defense (IDS)." It seems to be outgoing from my machine to the following IP addresses: 213.155.18.56 & 213.155.20.32.According to WHOIS lookups, the first address resolves to a network in Odessa in the Ukraine while the second resolves to a network in Namibia.

    It seems as though I have something on my computer trying to "phone home." BTW... these log entries happened within just a few minutes of each other, several times each. Also, they each came from my local port 63581.

    Is there anyway I can track down what on my machine is doing this? Nothing in the log gives any indication.

    Any help is greatlt appreciated.

    Rick
     
  2. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Which version of Microsoft Windows are you running?

    Regards,

    Aryeh Goretsky
     
  3. RickFriedman

    RickFriedman Registered Member

    Joined:
    Jun 15, 2004
    Posts:
    13
    Location:
    New York City
    Sorry, I'm running Vista SP2.

    Rick
     
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    If you open an elevated Command Prompt (filename: CMD.EXE) under Microsoft Windows Vista SP2 and issue a "netstat -b" command, you should see a list of programs and the IP addresses bound to them.

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.