19.1 C
New York

Kies Tray Agent . Unknown connections


Today while checking the network connections I found something strange. The KeisTrayAgent running on my PC is connecting to some IP Address in the internet. It seemed something strange and I am thinking that there is something wrong with the connections, so did a bit more analysis. Here are my findings

Kies Tray Agent (KiesTrayAgent.exe) is part of the Samsung Keis application suite. Samsung uses the Keis application suite for managing the Samsung Galaxy application suits. I have installed this sometime back for managing the Samsung Galaxy S phone.


The KiesTrayAgent in my PC is connecting to the IP address Why should an agent connect to an external IP address, especially something which manages the Mobile phone? Now I thought the IP address would be located in the Samsung network.



To my surprise, the IP Address is located in the Qatar Doha Qatar Telecom (qtel) Q.s.c network. It is also identified to be part of the ADSL pool

inetnum: –
netname:         Mobile-Broadband-Pool-No-6
descr:           ADSLPOOL
country:         qa

So why is the KeisAgentTray.exe connects to an HTTP service at I have checked up the webpage at this IP address. The access is redirected to a login page 


It just give me the above screen. Wrong password; enter password.

My current guess is that either the KeisAgentTray on my PC is compromised. But on a larger scale, it could be that the above file is compromised and unnoticed. What do you say?

Related articles

Recent articles