First of all I want to commend the ease of registration for this forum. Very professional! (:CLP)
I have a question concerning svchost.exe
Before anyone starts, I have already used the search engine to look for this topic here in the forums and also on Yahoo.
It appears that svchost is trying to recieve a connection from the internet (is that inbound or outbound?). Approximately 300 times in the last 24 hours. I ran a IP trace on the addresses and found most to be coming from coxcable and roadrunner, but a few were coming from somewhere in China(??). All of them were trying to access port 1026 which I recognize as a having to do with the calender.
I have realized that since I blocked these requests, I have not received any windows update notifications,
but like they say, I don’t want to have a nuke proof door, but leave it unlocked.
I have run all different kinds of antivirus/antispyware, etc…(AVG, AVGantispy, Spybot, AdAware, AdWatch, CCleaner)
Everyone comes up clean and is up to date.
I have also tried a command prompt to look at all processes and PIDs, seems OK.
Each IP, when I run a traceroute, comes with a long list of what looks to be hops or bounces around the world.
California, Canada, China, Honolulu, etc…
Is it possible that someone is using these IPs as proxies to attack me? Or am I just being paranoid?
Any help would be much appreciated!