Unknown Connections

  • Thread starter Thread starter Alex
  • Start date Start date
A

Alex

( MS Windows Vista Home Premium SP1 x64 )
Hi,
Why when I open WMP my computer connects through wmplayer.exe to many IP
addresses??? One from Bulgaria, another from Microsoft, another from
University of California :-s another from dont know where...
My Windows copy is fresh and this happens even if my wmp library is EMPTY.
I can't block this thing to happen only if I choose "Work Offline" for my WMP.
 
Alex said:
( MS Windows Vista Home Premium SP1 x64 )
Hi,
Why when I open WMP my computer connects through wmplayer.exe to many IP
addresses??? One from Bulgaria, another from Microsoft, another from
University of California :-s another from dont know where...
My Windows copy is fresh and this happens even if my wmp library is EMPTY.
I can't block this thing to happen only if I choose "Work Offline" for my WMP.

Well, you need to find out what is doing it and make a determination if
if it's legit or not and stop it in either case if you determine if you
don't want it to happen.

What you think is the culprit may be only the host to what is really
doing it, and you need to go look with the proper tools.

The tools in the link will help you make that determination.

You can use Process Explorer and right-click a line in the upper or
lower pane and go to Properties to look deeper at any given running process.

Active Ports doesn't run on Vista. So you have to use Current Ports.

<http://www.windowsecurity.com/artic...d_Rootkit_Tools_in_a_Windows_Environment.html>
<http://technet.microsoft.com/en-us/sysinternals/default.aspx>
<http://www.nirsoft.net/utils/cports.html>

I had a Linksys wireless card a few years back that was phoning home to
about 30 IP(s). Well, it was the card's driver that was doing it that
pigging backing of off process running inside the WZC service on XP. It
took the tools in the links to pinpoint who was really doing it.

I didn't need WZC since the wireless card was in a desktop computer. So
I shutdown the WZC service.
 
Back
Top