firewalls and remote hosts, page-5

  1. asxstocktrader
    2,560 Posts.
    clock Created with Sketch.
    17/11/09
    14:26
    Post #: 5924200
    watso should open a cmd window.

    at the prompt

    and type in :
    c:\netstat -o

    -o for the owner pid.

    Netstat will show you all processes that are making remote calls outbound and inbound.

    In addition Watso could correlate this Pid ( process id) in task manager. He may need to goto options and select Pid to show the id value.

    Then Watso should goto c:\windows\system32 as its a dumping ground for most virus, trojans etc.

    Watso should look for *.exe files with datetimes stamps that are inconsistent with the majority of the other files.
    he may need to sort on Datetime in explorer for this.

    Lastly Watso can configure his firewall to block outbound on the IRC port which is 6667. Will stop bots making calls outbound from your machine if its infected.
    Likes Created with Sketch.  Upvote
    Stroke 3 Created with Sketch. Comments Created with Sketch. Reply

  2. Top Stories

 

Featured News

NEWS More Outstanding Gallium Assay Results for Nimy at Block 3
right-arrow Created with Sketch.
NEWS R&D Tax Refund of $5.8M Received by Imugene to Support Clinical Development
right-arrow Created with Sketch.
NEWS Drilling Commences at Leinster South Project in WA
right-arrow Created with Sketch.
NEWS Austral Resources to Acquire Rocklands to Transform North-West Queensland Copper
right-arrow Created with Sketch.
NEWS MTM Successful Uplisting Commences Trading on OTCQX Market in US
right-arrow Created with Sketch.
NEWS Anson Adds 100 Strategic Claims to Green River Lithium Project
right-arrow Created with Sketch.
arrow-down-2 Created with Sketch. arrow-down-2 Created with Sketch.