Information on the use of the portof am may be necessary in the case of suspected infection by computer Trojans. On it, in particular, may indicate features such as increased traffic or network activity of the computer at the time, when you do not use the Internet.
If you suspect infection of your computer first check which local portyou opened on it. To do this, open a command prompt: "start" - "All programs" - "Accessories" - "Command prompt". Enter in the terminal window the command netstat – aon, it will show all current connections.
In the first column of the list indicates the type of connection. In the second local address and the used port. The column "Foreign address" shows the address which connects your computer. In the column "Status" you can view the status of the connection – whether it exists in the moment - ESTABLISHED, over – TIME_WITE or program listens to the port, that is ready for communication – LISTENING. Finally, the PID column shows the process ID is a numeric code through which you can easily understand what the process is "hanging" on a particular port.
Type in the same window, the tasklist command, you will see a list of running processes. In the second column, just behind the names of the processes indicated by their identifiers. For example, you see on the first list that you open a local port 3564. Then look in the last column (PID) and find the process ID – for example, 3388 (data are different). Now go to the second table, the second column the PID 3388 and to the left of it you see the name of the opened this port of the program.
To get more information about addresses that connects to your computer, use the appropriate network services. For example, this: http://www.ip-ping.ru/whois/ Enter in the desired ip address, click "Request" and you will get all available data.