Re: Windows Me "User Connected"
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 02/23/05
- Next message: winged: "Re: Weekly routine"
- Previous message: donnie: "Re: Trojan or Security pest?"
- In reply to: donnie: "Re: Windows Me "User Connected""
- Next in thread: winged: "Re: Windows Me "User Connected""
- Reply: winged: "Re: Windows Me "User Connected""
- Reply: winged: "Re: Windows Me "User Connected""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Feb 2005 01:55:34 GMT
At alternative to the Command Line utility NETSTAT.EXE is TCPVIEW (tcpview.exe v2.34) by
Sysinternals
http://www.sysinternals.com/ntw2k/utilities.shtml
It is a GUI utility and will show the information real-time and under NT Based OS's it will
also show the fully qualified executable opening a given port and communicating with a
remote site.
-- Dave "donnie" <donnie@queyosepa.org> wrote in message news:51nn11dv7r508bqimqcgadtjlurgtf6l51@4ax.com... | On Tue, 22 Feb 2005 13:20:33 -0800, "Jim" <jimcraib@sanbrunocable.com> | wrote: | | Before you do all that work that David suggested, I would make sure | that file sharing is not enabled, then I would look in HKLM,Software, | Microsoft, Windows, CurrentVersion,Run and see what;s loading. Do the | same in HKCU. Many trojans hide in those places. | Also, I would run netstat -an and see what IP and port the conection | is using. Run a whois on the IP address and try to get the NetBIOS | table. nbtstat -A IP_address. | donnie
- Next message: winged: "Re: Weekly routine"
- Previous message: donnie: "Re: Trojan or Security pest?"
- In reply to: donnie: "Re: Windows Me "User Connected""
- Next in thread: winged: "Re: Windows Me "User Connected""
- Reply: winged: "Re: Windows Me "User Connected""
- Reply: winged: "Re: Windows Me "User Connected""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
