What is this internet activity on my HP?

On a HP desk top at screwy times of the day and night this activity is recorded. And what is this IP address that is referred to? It is not MY Modems IP adress 24.0.187.75


Starting: hpslpsvc32.dll
20120511225823:0003B91E4:0001(0000-0000)(2204)+++ From: c:\program files\hp\digital imaging\bin
20120511225823:0003B97F2:0001(0000-0000)(2204)+++Command Line: C:\Windows\system32\svchost.exe -k HPService
20120511225823:0003B9D38:0001(0000-0000)(2204)+++ File Size: 634880
20120511225823:0003BA22D:0001(0000-0000)(2204)+++ Version: hpslpsvc32.dll 120.0.194.0 Release
20120511225823:0003BA7FF:0001(0000-0000)(2204)+++ Built on: Oct 16 2008 18:22:43
20120511225823:0003BAE4D:0101(0000-0000)(2204)+++ PID: 2196 HPSLPSVC0182.log (C:\Windows\system32\svchost.exe )
20120511225823:0003E0D19:0001(0000-0000)(2204){Loaded 0 devices}
20120511225823:00042526D:0201(0000-0000)(2356)<Using adapter at index A for [Local Area Connection](NVIDIA nForce 10/100 Mbps Ethernet ) IP=192.168.2.5 Type=6>
20120511225823:000427B5B:0101(0000-0000)(2356)<FOUND 1 connected adapter(s), error=0>
20120511225823:0004460F5:0001(0000-0000)(2356)<Monitoring adapter ip=192.168.2.5, subnet=192.168.2.0/24 at index A for NVIDIA nForce 10/100 Mbps Ethernet [status=1, flags=3e5] type=6>
20120511225823:000450A8A:0001(0000-0000)(252Heartbeat event initialized for subnet=192.168.2.0/24
20120511225823:000459F0C:0101(0000-0000)(2356)<STARTED manager for(192.168.2.0/24)>
20120511225823:00045CBDE:0101(0000-0000)(2356)<FOUND 1 connected adapter(s)>
20120511225823:00045EC26:0001(0000-0000)(2532)<MONITORING subnet 192.168.2.0/24 on LOCAL ADDRESS 192.168.2.5>
20120511225823:0004613DD:0101(0000-0000)(2356)<STARTED MANAGER FOR OFF-SUBNET 2560>
20120511225823:000462AD3:0001(0000-0000)(2560)<MONITORING OFF-SUBNET>
20120511225823:0004639C5:0101(0000-0000)(2532)[SENDING MULTICAST REQUEST->192.168.2.0/24]
20120511225823:00046435C:0101(0000-0000)(2532)<FINISHED STARTUP for 192.168.2.5>
20120511225823:000470D8B:0001(0000-0000)(254Heartbeat event initialized for subnet=
20120511225824:0005659B1:0101(0001-0001)(2560)<FINISHED STARTUP for OFF_SUBNET>
20120511225824:000566635:0101(0001-0000)(2560)<SERVICE STARTUP FINISHED in 1700 mSec>
20120511225829:0000976E9:0101(0006-0004)(2532)[SENDING MULTICAST REQUEST->192.168.2.0/24]
20120512004422:00030AF67:0101(6369-0002)(2356)<IP ADDRESS TABLE CHANGED>
20120512004422:00030CF87:0101(6369-0000)(2356)<IP CHANGE NOTIFICATION SCHEDULED>
20120512004422:00031ACA3:0101(6369-0000)(2356)<RESCAN SUBNETS> S=1, R=0
20120512014735:000777FE4:0001(0162-3792)(5452)<MONITORING OFF-SUBNET>
20120512014739:0001D6701:0001(0166-0000)(2204)Media sense re-started
20120512014739:0001FE678:0101(0166-0000)(2356)<RESUMING>
20120512014739:00022BB9E:0101(0166-0000)(2356)<RESCAN SUBNETS> S=0, R=1
20120512014739:00024148B:0001(0166-0000)(2204)Already awake


Also, there is actually two other IP adresses that this mysterious activity uses/connects to. I don't have them to paste right now but i will later. And the above c/p is one of 200+ logged activities of this type!

If this is an "UP and UP" activity( as compared to someone hacking into my machine I don't know either way that is why I'm asking?) of an HP machine why is it an HP acivity at all?

 

To isolate this issue you can login to 192.168.2.5 or 120.0.194.0 and check that out. Please follow the steps given below:

1. Open an Internet Explorer and type in "192.168.2.5" in the address bar without any quotation mark and press Enter.
2. Click on Login, by default the password might be blank and click submit.
3. Click on DHCP Client List on the left hand side of the page.
4. You can view the Client name and the Client's MAC Address and the ip address which is connected to your router.

Note : If that is a wireless client, you will have to enable the wireless security on your router. That will automatically get disconnected as soon as you enable the wireless security on your router.

 

192.168.2.5 appears to be the address assigned to the machine from which the log was taken. 120.0.194.0 appears to be the release number of hpslpsvc32.dll. Based on a quick search, hpslpsvc32.dll appears to be known as "HP Network Devices Support", it may implement SLP (https://en.wikipedia.org/wiki/Service_Location_Protocol), and it is likely related to HP printers with network interfaces.