someone installed something on their pc that is causing a bunch of 'FORWARD packet died' messages to their ip in syslog on the router pc, questioned them and they're not sure what it might be, what can i do to track down whatever it might be?

sample message follows
Jun 5 14:29:47 computer kernel: FORWARD packet died: IN=eth0 OUT=eth1 SRC= LEN=1424 TOS=0x00 PREC=0x20 TTL=113 ID=31595 PROTO=UDP SPT=5004 DPT=2212 LEN=1404

whois says "OrgName:Online Technologies Corp." some place in Ann Arbor, MI that says they're "Leading Provider of IT Disaster Recovery and Internet Infrastructure"

i can post additional additional information as necessary, tia