Hi. I have noticed the same issue in my computer lately, and so far I have not found any reports on this through googling a bit.
It seems that svchost.exe is trying to connect on two ports to 6666 in my nearest GW machine. Since my all-knowing administrators have disabled the ability for me to control the internal firewall, I cannot even disallow the connections. I really don't like processing opening ports all by them selves, paritcularly not on the IRC port.
Did you find anything on this yet?
I believe I have found the cause for this. Using "tasklist /SVC" I checked the users of the svchost.exe PID that made the calls to 6666, and they were LmHosts, RemoteRegistry and SSDPSRV. SSDPSRV is the service that "Enables discovery of UPnP devices on your home network." When I disabled the SSDPSRV service, the requests stopped, so I guess that the requests were caused by some UPnP service in my router triggering some functions in Windows.
So I guess that the traffic is OK per se, but since I generally dislike anything automatic, communicating for itself and setting up things I have no control over, I will leave the UPnP service off, until I find some real need for it.
Hope this helps you too.
This could also be due to Windows Media Player Sharing to an XBOX360 - I have been troubleshooting this problem for months and have not been able to figure out why I could not get the XBOX360 to see the WMP11 content. I added wmplayer.exe to the excluded list, and it solved the issue.
1. Right Click on McAfee Icon
2. Click "VirusScan Console..."
3. Double-Click "Access Protection" (Top option, should be Enabled)
4. Select "Prevent IRC communication" in the right-hand pane
5. Click "Edit"
6. In the "Processes to exclude:" field type w/o quotes: "wmplayer.exe"
7. Click "OK"
8. Click "Apply"
9. Click "OK"
Note that the WMP will still need the firewall ports opened to allow the communication.
We had a similar issue but unfortunately ours wasn't in report only mode and blocked access to outlook for a complete site. If exchange decides to use a port such as 6668 to communicate on mcafee will block it. It is possible to limit which ports exchange can use by editing the registry but the chances of it happening are pretty slim. Im pretty sure any applications which use RPC ports can cause issues.