[GenXnyc]

I keep getting Firewall alerts from Earthlink's Firewall about something that seems suspicious. It always says "A Process" is attempting communication. It is from different IP Addresses, but almost always says on port "0". In many cases, it seems there is a set of IP addresses it is coming from that are repeated regularly. I can't find any information on what "A Process" is. Because "A" is in CAPS I assume it is on a generic "A" as in "a process is attempting", but rather a phony name of a process.

I never had this happen using windows firewall and am not sure it is a problem because blocking it seems to have no effect and it appears even after running anti virus and anti spyware programs. I'm posting some of the Firewall log below and have removed my IP address from it. In particular the last IP address in the list shows up more than most, however no information comes up when searching it. Any info would be appreciated.

When I do a WHOIS search for the originating IP addresses they all come from Shaw Cable in Canada.

=========================================================
Time: 8/25/2007 4:44:17 PM
Event ID: 397223 User Response Deny

=========================================================
Time: 8/25/2007 4:46:40 PM
Default Action: Deny
Event ID: 400090
Application: N/A
Protocol: 1
Remote: 64.130.162.202:0
Local:
Traffic: Outbound
PID: 0

=========================================================
Time: 8/25/2007 4:47:40 PM
Event ID: 400090 User Response Deny

=========================================================
Time: 8/25/2007 4:50:31 PM
Default Action: Deny
Event ID: 403971
Application: N/A
Protocol: 1
Remote: 24.64.115.254:0
Local:
Traffic: Outbound
PID: 0

=========================================================
Time: 8/25/2007 4:51:31 PM
Event ID: 403971 User Response Deny

=========================================================
Time: 8/25/2007 4:57:51 PM
Default Action: Deny
Event ID: 410725
Application: N/A
Protocol: 1
Remote: 81.41.144.5:0
Local:
Traffic: Outbound
PID: 0

=========================================================
Time: 8/25/2007 4:58:51 PM
Event ID: 410725 User Response Deny

=========================================================
Time: 8/25/2007 4:59:12 PM
Default Action: Deny
Event ID: 412085
Application: N/A
Protocol: 1
Remote: 24.64.223.60:0
Local:
Traffic: Outbound
PID: 0

=========================================================
Time: 8/25/2007 5:00:12 PM
Event ID: 412085 User Response Deny

=========================================================
Time: 8/25/2007 5:02:03 PM
Default Action: Deny
Event ID: 415274
Application: N/A
Protocol: 1
Remote: 72.28.230.72:0
Local:
Traffic: Outbound
PID: 0

=========================================================
Time: 8/25/2007 5:03:03 PM
Event ID: 415274 User Response Deny

=========================================================
Time: 8/25/2007 5:03:17 PM
Default Action: Deny
Event ID: 416943
Application: N/A
Protocol: 1
Remote: 24.64.183.156:0
Local:
Traffic: Outbound
PID: 0

=========================================================
Time: 8/25/2007 5:04:18 PM
Event ID: 416943 User Response Deny

=========================================================
Time: 8/25/2007 5:04:49 PM
Default Action: Deny
Event ID: 418538
Application: N/A
Protocol: 0
Remote: 239.255.255.250:0
Local:
Traffic: Outbound
PID: 0