Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Quick Tip: Log all references to HTTP in your files and programs.

02 Sep 2010   #1

Quick Tip: Log all references to HTTP in your files and programs.

This is quick and dirty,

If you ever get hacked, you might not know it. Your Anti-Virus might miss the infection and the malicious process might run invisible to task manager.

One quick and dirty way to check for signs of infection is to create a log that contains all the URL's contained within the files and programs on your computer. Because almost all malware is going to try to send and receive files to and from your computer, making a log of every URL contained on your computer can reveal some really interesting information. For instance, you might discover that a PDF file you thought was inccocent , contains referrences to a known malware domain hosted in China or Russia.

To create your log, you will need:

Strings from Sys Internals: This tool will search through every file and folder on your computer (or just one if you prefer) and print out all the ASCII and Unicode text it finds contained within them. It is faster than FINDSTR in the command line, and its output is cleaner and more organized.

Please note that to use the script as is, you will need to place the strings executable in your system32 folder. OR, you will need to add the path of the strings.exe executable to your PATH environment variable.

Next, copy and paste the following command into a command prompt:

 cls && cd \ && strings -q -s | find "http://" > "%USERPROFILE%\Desktop\Http_Log.txt" && notepad.exe "%USERPROFILE%\Desktop\Http_Log.txt"
The code will first clear the screen (cls) then change the current directory to the C: drive (cd \) then it will search strings (or text) in each file and program on your computer(strings -s) it will then pipe, or send ( | ) that data to the find command and find strings that start with http:// (find "http://")

While doing this it will add every string it finds to a file on your desktop called Http_Log.txt ( > "%USERPROFILE%\Desktop\Http_Log.txt") and once that finishes, it will then open that log in notepad for you to view it ( notepad.exe "%USERPROFILE%\Desktop\Http_Log.txt" )

Once the log has been created, it is up to you to do with as you please. For me, I like to start looking for interesting strings. So I will do an Edit>Find in notepad and look for references to Chinese or Russian websites (.cn or .ru). I'll also look for key words like "password" ".dll" and other things.

Some technical notes:
  • Please note that the size of the log file will be bigger than your average text file, usually between 10MB to 35MB. Notepad can handle a file size this large, but give it a little while to open it.
  • Also note that each time you run this command, the size of your log file will be twice as large as before. Reason being that, each successive time you run it, it will add all the strings it finds in your http_log.txt file to your new http_log.txt file, so it will be twice as large.
  • Please note that it will take a while for this command to finish. If you have over 1GB of ram, you can just do something else while it runs. If you have 512mb or less, than you might want to go get some coffe and watch a tv show until it is done.

Happy Hunting

My System SpecsSystem Spec
03 Sep 2010   #2

Windows 7 Home Premium 64bit

Nice thread.
Looks like it took you awhile.
My System SpecsSystem Spec
03 Sep 2010   #3

Win7 HP (x64)/Win7 Ultimate (x64)

Thanks for the work done dranfu :)
Will give this a try
My System SpecsSystem Spec

04 Sep 2010   #4


Glad you enjoyed it
My System SpecsSystem Spec

 Quick Tip: Log all references to HTTP in your files and programs.

Thread Tools

Similar help and support threads
Thread Forum
Can't upload files via http. Ftp works fine. Windows 7 Pro 64 bit
Hi guys. I know there have been many similar posts but none of them caries any responses that worked for me. Basically, what is happening is that for some time now I am unable to upload anything to any http:// or use programs like Dropbox/Google Drive. Websites like YouTube just jumps to 100%...
Network & Sharing
Saving order of programs in custom quick launch toolbar
I had a custom quick launch toolbar displayed on my Windows 7 Professional taskbar. Somehow, when I first set it up, I was able to rearrange the order of the programs on the toolbar and the order was saved so that it was the same every time I rebooted. I inadvertently removed this custom toolbar....
Windows firewall - A quick question about blocking outgoing programs
I've set it so windows firewall will block any outgoing program that doesn't have a rule assigned. I'd also like to know if there is an option for it to tell me when it does do this and allow me to unblock it with this notification (Much like the notification of blocking incoming connections). OS:...
System Security
quick lauch type toolbar for All programs
I saw this once before on a site and I had my previous installation of win seven to have a toolbar for all programs? For the life of me I cannot find the site. It combined the appdata and program data start menus as in the start menu but as a toolbar like quick launch. Does anyone how to set this...
Download Free Security Quick Security References from M
At Microsoft, security work focuses on more than simply bulletproofing the company’s own products, and has spanned into educating third-party professionals on the steps needed to secure their own software and environments. At the start of this week, the software giant made available the company’s...

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 06:47.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App