Hello to the Community:

This is my first post. I also wish to introduce myself as Ant1c0rr3lat10n, or A-C.

I was getting ready to purchase Spybot SD, and thought I would take a close look at my workstation the free version was installed on, just to see what changed from a system-level perspective.

I stumbled onto several notifications in the Win logs:

Data = Source: 127.0.0.1 URI: Message: Listening on port 21331

The source is the Application channel, level is "information" with the keyword 0x0080000000000000

All the other messages contained specific ports (21327; 21322; 21323; 21327; 21331; 21321) that were being listened to with two iterations over a three hour period.

I am respectfully asking if the community or any crawlers what sbNet is, e.g., what it listens for, what it reports, and what its purpose is. Oh, and of course what privilege it runs under. Aside from full-disclosure (which does not really ever happen) one must trust, but verify.

Several interweb searches revealed more about the potential to have misspelled "subnet" than anything else that would make sense. It showed up shortly after the install, and being not exactly sound of mind, I am asserting that the "sb" in "sbNet" is directly related to Spybot. I could be on Mars on the topic due to little or no usable information about sbNet.

I looked through the materal from Safer Networking in a cursory manner and did not see anything about sbNet. It concerns me because of the lack of information or disclosure on the matter. I hope that I did not miss it if it exists.

My next task is to see what Sysinternals Procmon64 and Wireshark tell me.

Forgive my pedantic nature, but I have a profound and passionate curiousity of computer science, sprinkled with a molar amount of paranoia.

I used SB SD in another lifetime religously, and I liked it, and thought I would take a look at how much it has advanced since the 2000's. It identified and took care of certian items that the bloated and laughable Symantec and McAfee antivirus packages rolled over on. That was good enough.

I genuinely thank everyone who reads this post, and an even deeper thanks in advance for any replies with intelligence on sbNet. You know, I look at my web-facing PCs as extensions of my home. When I invite someone to come in, I anticipate that with some due diligence, that person will leave with all they came with. It has become impossible to know. I guess if Microsoft is doing it, it must be OK. Right?

Best regards and wishes for all to dwell in Peace.

<>