Humpty Posted September 23, 2007 Share Posted September 23, 2007 If you are worried that some programs on your PC are secretly making connections to websites in the background, here's a quick tip that uses a simple DOS command to detect and prevent such suspicious activity: 1. Type cmd in your Windows Run box. 2. Type "netstat -b 5 > activity.txt" and press enter. After say 2 minutes, press Ctrl+C. 3. Type "activity.txt" on the command line to open the log file in notepad (or your default text editor) The file activity.txt will have a log of all process that made a connection to the Internet in the last two minutes. It will also show which process connected to which website in this time. And not just the web browsers (like iexplore.exe or opera.exe), the log will also show your IM clients, download managers, email programs or any software that requires a net connection. Stolen from here Link to comment Share on other sites More sharing options...
Anthony A Posted September 23, 2007 Share Posted September 23, 2007 If you are worried that some programs on your PC are secretly making connections to websites in the background, here's a quick tip that uses a simple DOS command to detect and prevent such suspicious activity: 1. Type cmd in your Windows Run box. 2. Type "netstat -b 5 > activity.txt" and press enter. After say 2 minutes, press Ctrl+C. 3. Type "activity.txt" on the command line to open the log file in notepad (or your default text editor) The file activity.txt will have a log of all process that made a connection to the Internet in the last two minutes. It will also show which process connected to which website in this time. And not just the web browsers (like iexplore.exe or opera.exe), the log will also show your IM clients, download managers, email programs or any software that requires a net connection. Stolen from here Read that on Life Hacker today. Link to comment Share on other sites More sharing options...
Tunerz Posted September 23, 2007 Share Posted September 23, 2007 It's pretty useful to me. I've check the log and I saw some "unwanted entries" for me TCP DESKTOP:3140 1a.9.344a.static.theplanet.com:http ESTABLISHED 2956 [Opera.exe] TCP DESKTOP:3141 1a.9.344a.static.theplanet.com:http ESTABLISHED 2956 [Opera.exe] TCP DESKTOP:3142 1a.9.344a.static.theplanet.com:http ESTABLISHED 2956 [Opera.exe] TCP DESKTOP:3143 1a.9.344a.static.theplanet.com:http ESTABLISHED 2956 [Opera.exe] TCP DESKTOP:3122 checkip-pao.dyndns.com:http CLOSING 3508 [DynDNS.exe] TCP DESKTOP:3136 checkip-pao.dyndns.com:http CLOSING 3508 [DynDNS.exe] TCP DESKTOP:3137 checkip-pao.dyndns.com:http CLOSING 3508 [DynDNS.exe] TCP DESKTOP:3130 1a.9.344a.static.theplanet.com:http TIME_WAIT 0 TCP DESKTOP:3132 1a.9.344a.static.theplanet.com:http TIME_WAIT 0 TCP DESKTOP:3134 1a.9.344a.static.theplanet.com:http TIME_WAIT 0 TCP DESKTOP:3139 1a.9.344a.static.theplanet.com:http TIME_WAIT 0 Link to comment Share on other sites More sharing options...
YoKenny Posted September 23, 2007 Share Posted September 23, 2007 TCPView from Microsoft's Mark Russinovich is very good: http://www.microsoft.com/technet/sysintern...es/tcpview.mspx "Education is what remains after one has forgotten everything he learned in school." - Albert Einstein IE7Pro user Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted September 23, 2007 Moderators Share Posted September 23, 2007 @Tunerz As far as I know The planet.com is a web hosting service used by some forums. Support contact https://support.ccleaner.com/s/contact-form?language=en_US&form=general or support@ccleaner.com Link to comment Share on other sites More sharing options...
Tunerz Posted September 23, 2007 Share Posted September 23, 2007 Why does desktop (not Opera) access "theplanet.com"? Perhaps it's still connected to Opera's processes. Link to comment Share on other sites More sharing options...
Moderators DennisD Posted September 23, 2007 Moderators Share Posted September 23, 2007 Nice post Humpty. Link to comment Share on other sites More sharing options...
login123 Posted September 23, 2007 Share Posted September 23, 2007 Very nifty, Humpty. The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-) Pssssst: ... It isn't really a cloud. Its a bunch of big, giant servers. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted September 24, 2007 Moderators Share Posted September 24, 2007 I remember years ago when I used the original MP3.com, and back in the ZoneAlarm version 2 era that MP3.com would show up in the firewall logs as the browser communicating with the website on the websites port 80 an hour or so later after I'd left the site and was browsing elsewhere. It was always something that made me go hmm, but I never thought of it as a threat after reading some security info about it. Link to comment Share on other sites More sharing options...
Caldor Posted September 24, 2007 Share Posted September 24, 2007 Whats really going to twist your noodle is what the contents of encrypted packets going back to MS are doing I know of three, might be more. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now