Maybe you used gnutella to upload or download files. The connection attempts (coming from an ip range assigned to Chungwha Telecom, Taipei, Taiwan) may have been caused by an user of this network desperately trying to download a file you offered shareable via gnutella.
On the other hand, port 27374 is used by a trojan called SubSeven, a malware for Win. If the scans to either 6346 and 27374 come from the same IP addresses the person on the other end maybe is up to finding some vulnerable Windows boxes to take over.
The second version seems more reasonable to me. As the logfiles show - only the SYN-Flag was set. This usually indicates no established connection (ACK-Flag is set), but a so called half-open scan to find out about open or even filtered ports. I guess some script-kiddie scanned for known w$-trojans... Regards, Marek