
I've seen AVG logging POP3 requests to weird servers, never have found trojan/etc.

Asked by davebytes in OS Security
Latest attempt was to:
ip141-58-173-82.dyndsl.versatel.nl:110

I shut down my net connection, which broke the attempt, and haven't seen it again.

There was no email in the cache folders for AVG, just a logged note.  I've since cranked up to maximum logging for the time being.  This is using Outlook Express as mail client.  I have all latest SP, patches, etc.

I had seen wacky stuff like this early on (10-12mos back) when I first built out this machine.  Never have been able to find any spyware, virus, trojan, anything... Using a few different tools (MS Antispyware, AVG, a-squared, to name my starters...).  About to try some more.  Didn't know if it was something wacky with AVG itself, but it freaks me out when I see the AVG popup contacting a strange POP3 server, usually raw IP address or dynamic dns...

Anyone seen stuff like this?  It's not trying to open an SMTP address (sending mail), it seems to be opening a 'random-seeming' POP3 box (which, of course, once the connection is opened, a trojan could use that 'transport' for potentially other things...).  Concerned given this is my primary EVERYTHING box, and tons of sensitive information on it, used through it (https sites), etc.

Setting high points, hoping someone can either point me to figuring out where the POP3 conns are coming from, how to stop them (if malicious) or at least better track them (if non-malicious, maybe some silly util is trying to use pop3 for updates??), or resources/discussions regarding this exact topic (pop3 connections being made on windows box to pop3 mailboxes NOT specified in my account...).

Thanks folks,

-d