Unknown attempted e-mail connection

Cephus

For the last week or so, I've started seeing my system attempting to connect to an e-mail server on swbell.net. I am assuming it's not spyware or a virus since both my spyware and virus checkers show nothing on my system and it's trying to DOWNLOAD, not upload information. It fails to connect to the POP3 server and times out every time but my virus scanner still shows that it's making an attempt 5+ times per day.

My question is, is there a way to determine what program is making this e-mail call? It doesn't appear to be anything that I'm running, it happens no matter what software is running, even if nothing is running at all. I checked through the registry for anything that calls this POP3 server and came up empty. Nothing in the task manager appears out of the ordinary and there are no easily identifiable processes running that seem connected.

I'm running Windows XP SP2. Is there a way to tell what program is causing the e-mail call while it's happening? Thanks.
 
Are you running the XP firewall? If you're using another firewall, disable it and install ZoneAlarm. This will alert you to all connection attempts and ask if you want to allow or block the connection. When the program tries to connect to the server, ZoneAlarm will tell you what program it is.
 
No, I'm running behind a hardware firewall, that's why it can't connect to the POP server, but the firewall only reports that an attempt was made, not which specific program made the call.
 
If you install ZoneAlarm, that will tell you which program is attempting to call out. You can uninstall it as soon as you know (which by the sound of it wouldn't take long).
 
Buzz1927 said:
If you install ZoneAlarm, that will tell you which program is attempting to call out. You can uninstall it as soon as you know (which by the sound of it wouldn't take long).

Nope, it shouldn't considering it's trying to connect right now. :)

Too bad Micro$oft doesn't put something like that into the OS, but that would make sense, wouldn't it?
 
Actually, it wouldn't have been a bad idea, but the only thing ZoneAlarm catches is my virus-checker watching the attempted e-mail connection, it doesn't log which program is actually doing the call.

So I'm back to square one.
 
I'm going through my logs and here's what I'm finding from AVG:

24.7.2005 10:29:42 [de0] AutoPOP3(10110): Client connected
24.7.2005 10:30:14 [de0] AutoPOP3(10110): Cannot connect to ppp-70-129-127-20.dsl.ksc2mo.swbell.net:110
24.7.2005 10:30:14 [de0] AutoPOP3(10110): Connect: No connection could be made because the target machine actively refused it. (10061)
24.7.2005 10:30:14 [de0] AutoPOP3(10110): Client disconnected

Nowhere does it tell me what program is making the POP call. This is really frustrating. I can turn off the notification, but that doesn't solve the problem, does it?
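
An added example, not part of the thread: the AVG entries above name AutoPOP3(10110), which this sketch assumes is the local port where AVG's mail scanner accepts the mail client's connection, so the calling program is the process holding the client end of a loopback connection to that port. It parses `netstat -ano` output (the `-o` PID column exists on Windows XP) captured during the roughly 30-second window between "Client connected" and "Client disconnected"; the netstat sample, PIDs and addresses are constructed.

```python
import re

# Two log lines copied from the AVG log quoted in the thread.
AVG_LOG = """\
24.7.2005 10:29:42 [de0] AutoPOP3(10110): Client connected
24.7.2005 10:30:14 [de0] AutoPOP3(10110): Cannot connect to ppp-70-129-127-20.dsl.ksc2mo.swbell.net:110
"""

# Constructed sample of `netstat -ano` output taken while the client is connected.
NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:10110          0.0.0.0:0              LISTENING       940
  TCP    127.0.0.1:1047         127.0.0.1:10110        ESTABLISHED     1832
  TCP    127.0.0.1:10110        127.0.0.1:1047         ESTABLISHED     940
  TCP    192.168.1.5:1050       203.0.113.20:110       SYN_SENT        940
  UDP    0.0.0.0:445            *:*                                    4
"""

def proxy_ports(log_text):
    """Ports named in AutoPOP3(<port>) entries (assumed: the scanner's local port)."""
    return sorted({int(p) for p in re.findall(r"AutoPOP3\((\d+)\)", log_text)})

def parse_netstat(text):
    """Return TCP rows as dicts; UDP rows have no State column and are skipped."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[4].isdigit():
            lhost, lport = f[1].rsplit(":", 1)
            rhost, rport = f[2].rsplit(":", 1)
            rows.append({"local": (lhost, int(lport)), "remote": (rhost, int(rport)),
                         "state": f[3], "pid": int(f[4])})
    return rows

def clients_of_proxy(rows, port):
    """PIDs whose connection has the loopback scanner port as its remote end."""
    listeners = {r["pid"] for r in rows
                 if r["state"] == "LISTENING" and r["local"][1] == port}
    return sorted({r["pid"] for r in rows
                   if r["remote"] == ("127.0.0.1", port) and r["pid"] not in listeners})

if __name__ == "__main__":
    for port in proxy_ports(AVG_LOG):
        # Match the PID against the PID column in Task Manager's Processes tab.
        print(port, clients_of_proxy(parse_netstat(NETSTAT), port))
```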
 