Traffic

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

What is the purpose of this traffic?

File Version : 6.0.2900.2180
File Description : Windows Explorer (explorer.exe)
File Path : C:\WINDOWS\explorer.exe
Process ID : 0x87C (Heximal) 2172 (Decimal)

Connection origin : local initiated
Protocol : TCP
Local Address : 192.168.2.36
Local Port : 1699
Remote Name : eu-soft.net
Remote Address : 80.77.80.132
Remote Port : 80 (HTTP - World Wide Web)

Ethernet packet details:
Ethernet II (Packet Length: 76)
Destination: 00-30-bd-4a-03-26
Source: 00-40-05-35-4d-45
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x20f8 (Correct)
Source: 192.168.2.36
Destination: 80.77.80.132
Transmission Control Protocol (TCP)
Source port: 1699
Destination port: 80
Sequence number: 4282251465
Acknowledgment number: 0
Header length: 28
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Checksum: 0x8720 (Correct)
Data (0 Bytes)

Binary dump of the packet:
0000: 00 30 BD 4A 03 26 00 40 : 05 35 4D 45 08 00 45 00 | .0.J.&.@.5ME..E.
0010: 00 30 9F 09 40 00 80 06 : F8 20 C0 A8 02 24 50 4D | .0..@.... ...$PM
0020: 50 84 06 A3 00 50 FF 3D : F8 C9 00 00 00 00 70 02 | P....P.=......p.
0030: FF FF 20 87 00 00 02 04 : 05 B4 01 01 04 02 03 6E | .. ............n
0040: 65 74 00 00 01 00 01 00 : 00 00 00 00 | et..........
1 answer Last reply
More about traffic
  1. Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

    Download MS anti-spyware beta :
    http://www.microsoft.com/downloads/details.aspx?FamilyID=321cd7a2-6a57-4c57-a8bd-dbf62eda9671&displaylang=en and read the FAQ -
    http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

    The new MS beta for Antispyware has an "Advanced Tools" menu item that allows
    you to identify the maker and use of items on the Windows startup list. It's called
    "System Explorer" There is also a Very nice "Browser Hijack" feature


    --
    Mark L. Ferguson
    FAQ for Windows Antispy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm
    "Nog" <nognog@adelphia.net> wrote in message news:Uu-dnV8uxeiV2FrfRVn-rg@adelphia.com...
    > What is the purpose of this traffic?
    >
    > File Version : 6.0.2900.2180
    > File Description : Windows Explorer (explorer.exe)
    > File Path : C:\WINDOWS\explorer.exe
    > Process ID : 0x87C (Heximal) 2172 (Decimal)
    >
    > Connection origin : local initiated
    > Protocol : TCP
    > Local Address : 192.168.2.36
    > Local Port : 1699
    > Remote Name : eu-soft.net
    > Remote Address : 80.77.80.132
    > Remote Port : 80 (HTTP - World Wide Web)
    >
    > Ethernet packet details:
    > Ethernet II (Packet Length: 76)
    > Destination: 00-30-bd-4a-03-26
    > Source: 00-40-05-35-4d-45
    > Type: IP (0x0800)
    > Internet Protocol
    > Version: 4
    > Header Length: 20 bytes
    > Flags:
    > .1.. = Don't fragment: Set
    > ..0. = More fragments: Not set
    > Fragment offset:0
    > Time to live: 128
    > Protocol: 0x6 (TCP - Transmission Control Protocol)
    > Header checksum: 0x20f8 (Correct)
    > Source: 192.168.2.36
    > Destination: 80.77.80.132
    > Transmission Control Protocol (TCP)
    > Source port: 1699
    > Destination port: 80
    > Sequence number: 4282251465
    > Acknowledgment number: 0
    > Header length: 28
    > Flags:
    > 0... .... = Congestion Window Reduce (CWR): Not set
    > .0.. .... = ECN-Echo: Not set
    > ..0. .... = Urgent: Not set
    > ...0 .... = Acknowledgment: Not set
    > .... 0... = Push: Not set
    > .... .0.. = Reset: Not set
    > .... ..1. = Syn: Set
    > .... ...0 = Fin: Not set
    > Checksum: 0x8720 (Correct)
    > Data (0 Bytes)
    >
    > Binary dump of the packet:
    > 0000: 00 30 BD 4A 03 26 00 40 : 05 35 4D 45 08 00 45 00 | .0.J.&.@.5ME..E.
    > 0010: 00 30 9F 09 40 00 80 06 : F8 20 C0 A8 02 24 50 4D | .0..@.... ...$PM
    > 0020: 50 84 06 A3 00 50 FF 3D : F8 C9 00 00 00 00 70 02 | P....P.=......p.
    > 0030: FF FF 20 87 00 00 02 04 : 05 B4 01 01 04 02 03 6E | .. ............n
    > 0040: 65 74 00 00 01 00 01 00 : 00 00 00 00 | et..........
    >
    >
Ask a new question

Read More

Windows Explorer Windows XP