A computer connected to the Internet is potentially vulnerable to hacker attacks. Every day more and more viruses and Trojans are created, so even an antivirus whose databases are updated hourly does not guarantee complete security. It is not uncommon for a user to want to see a complete list of the connections that currently exist.
Instructions
Step 1
To view a list of Internet connections, open the command prompt: "Start" - "All Programs" - "Accessories" - "Command Prompt". Enter the command netstat -aon and press Enter.
Step 2
In the "Local Address" column you will see a list of connections with the ports used. The "Foreign Address" column shows the IP addresses of the remote computers with which the connection is made. The "State" column describes the current state of the connections: ESTABLISHED - connection established, CLOSE_WAIT - connection closed, LISTENING - waiting for a connection.
Step 3
The PID column shows the IDs of the processes that own these connections. To find out the names of the processes, type tasklist at the command line. In the "Image Name" column you will see a list of processes, and in the PID column the identifiers of these processes.
Step 4
If you see a suspicious process that is connected to the Internet or listening for connections, you can always identify it by its identifier. If you are unfamiliar with the process name, use the Everest program. Run it and open the "Operating System" - "Processes" tab. Once you find the process you need, you can figure out which program it belongs to.
Step 5
For the same purpose, you can use the AnVir Task Manager program. It shows a list of all processes in the system and rates how dangerous each one is. You will be able to determine where the program's files are located and how it is launched. You can close any process if necessary.
Step 6
You can kill any process from the command line with the taskkill command. It is most convenient to close processes using their identifiers. For example, a running program has an identifier of 1460. To close it, type taskkill /pid 1460 /f at the command line and press Enter. The /f parameter at the end of the command specifies the forced termination of the process.
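The lookup in Steps 1-3 (matching each connection's PID against the tasklist output) can be automated. The following is an added example, not part of the original instructions: it parses saved output of netstat -aon and of tasklist /fo csv /nh (tasklist's CSV output without a header row) and joins them on PID. Both samples are constructed, and example.exe is a hypothetical process name.

```python
import csv
import io

# Constructed sample of `netstat -aon` output (not captured from a real host).
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       900
  TCP    192.168.1.10:49712     203.0.113.25:443       ESTABLISHED     1460
  TCP    192.168.1.10:49720     198.51.100.7:80        CLOSE_WAIT      1460
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    2112
"""

# Constructed sample of `tasklist /fo csv /nh` output.
TASKLIST_SAMPLE = '''\
"System","4","Services","0","144 K"
"svchost.exe","900","Services","0","9,812 K"
"example.exe","1460","Console","1","35,120 K"
"svchost.exe","2112","Services","0","6,004 K"
'''

def parse_netstat(text):
    """Return one dict per TCP/UDP row of `netstat -aon` output."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0] not in ("TCP", "UDP"):
            continue  # skip the banner, header and blank lines
        # UDP rows have no State column, so they carry 4 fields instead of 5.
        state = parts[3] if len(parts) == 5 else ""
        rows.append({"proto": parts[0], "local": parts[1], "remote": parts[2],
                     "state": state, "pid": int(parts[-1])})
    return rows

def parse_tasklist(text):
    """Map PID -> image name from `tasklist /fo csv /nh` output."""
    return {int(r[1]): r[0] for r in csv.reader(io.StringIO(text)) if len(r) >= 2}

def connections_with_names(netstat_text, tasklist_text):
    """Join the two listings on PID, as Steps 1-3 do by eye."""
    names = parse_tasklist(tasklist_text)
    return [dict(c, image=names.get(c["pid"], "<unknown>"))
            for c in parse_netstat(netstat_text)]

if __name__ == "__main__":
    for c in connections_with_names(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print(c["proto"], c["local"], c["remote"], c["state"], c["pid"], c["image"])
```

A PID that appears in the netstat listing but not in the tasklist listing is reported as <unknown>, which usually means the process exited between the two commands.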