Useful Tips and Tricks
  • Blog
  • Other
  • windows
  • Linux
  • Powershell
  • Login

Check what Web Sites Your Computer is Secretly Connecting To

8/8/2014

1 Comment

 
Has your Internet connection become slower than it should be? There may be a chance that you have some malware, spyware, or adware that is using your Internet connection in the background without your knowledge. Here’s how to see what’s going on under the hood.


How to Check What Your Computer is Connecting To:

open the Start menu and enter “cmd.exe” in the Search box. When the results display, right-click on cmd.exe and select Run as administrator from the popup menu.


At the command prompt, type the following command and press Enter.

netstat -abf 5 > activity.txt

The –a option shows all connections and listening ports, the –b option shows you what application is making the connection, and the –f option displays the full DNS name for each connection option for easier understanding of where the connections are being made to. You can also use the –n option if you wish to only display the IP address. The 5 option will poll every 5 seconds for connections to make it more easy to track what is going on, and the results are then piped into the activity.txt file.

Wait about two minutes and then press Ctrl + C to stop the recording of data.


The resulting file will list all processes on your computer (browsers, IM clients, email programs, etc.) that have made an internet connection in the last two minutes, or however long you waited before pressing Ctrl + C. It also lists which processes connected to which websites.

If you see process names or website addresses with which you are not familiar, you can search for “what is (name of unknown process)” in Google and see what it is. It may be a system function you don’t know about or a function of one of your running programs. However, if it seems like a bad site, you can use Google again to find out how to get rid of it.


Using TCPView to Check What Your PC is Connecting To
The excellent TCPView utility that comes in the SysInternals toolkit will let you quickly see exactly what processes are connecting to what resources on the Internet, and even let you end the process, close the connection, or do a quick Whois lookup to give you more information.

If all of the connections are in the TIME_WAIT state, that means that the connection is being closed, and there isn’t a process to assign the connection to, so they should up as assigned to PID 0 since there’s no PID to assign it to.
Using CurrPorts to Check What Your PC is Connecting To:


You can also use a free tool, called CurrPorts, to display a list of all currently opened TCP/IP and UDP ports on your local computer. It is a portable program and doesn’t need to be installed. To use it, extract the .zip file you downloaded and run cports.exe.
1 Comment
Making Popcorn link
6/3/2023 09:04:40 am

Thaanks great blog post

Reply



Leave a Reply.

    Archives

    April 2015
    March 2015
    January 2015
    August 2014
    July 2012
    September 2011
    August 2011
    July 2011
    June 2011
    January 2011

    Categories

    All
    All
    Antivirus
    Scripts
    Seo

    RSS Feed


    Links
    • http://www.w3schools.com/
    • http://www.filehippo.com/ 
    • http://www.keygenguru.com/ 

@ Anwar Ahamed Sayed