Instruction
1
A properly configured computer communicates with the Internet only in two cases: when you are working in a network and update the antivirus database or operating system. If you see that the computer itself "climbs" in the network, it is a reason to scan it.
2
You should know that even protected with antivirus and firewall computer is not invulnerable. Hackers long ago learned how to deceive the most well-known virus protection programs, so carefully follow the behavior of a computer and regularly check the open ports.
3
To check open ports, open a command prompt: "start" - "All programs" - "Accessories" - "Command prompt". There's an easier way: "start" - "Run", enter cmd, and click OK. Enter in the command window netstat –aon, run the utility by pressing Enter.
4
In the first column of the table that appears, specify the type of network connection. The second "Local address" you will see the local address and open ports (for address, after the colon). In the column "Foreign address" indicates the network address, which connects your computer.
5
Pay attention to the section "Status" that indicates the connection status: ESTABLISHED – the connection is established. LISTENING – waiting for a connection. CLOSE_WAIT – the connection is completed. Finally, the last column PID shows the process ID. This is the number under which the particular process appears in the system.
6
Due to the presence of PID you can figure out what program opens a particular port. For example, you see that you have opened the port 1499, ID – 1580 (it will be different). Type in the same window the command line command tasklist. You will see a list of all processes, while the second column contains their identifiers (PID). Now you need to find this column you are interested in PID, in this case 1580. Find, look in the left column, the name of the process – let it be AAWService.exe.
7
If the process name is unfamiliar to you, enter it in the string search engine. Entered, received information the process belongs to the software Ad-Aware. You have on a computer this program? Whether it runs automatically at startup? Whether it is necessary to you? Run Aida64 (Everest) and look at the startup folder and, if necessary, then delete the file Ad-Aware. If you do not like this program then AAWService.exe - the process of a Trojan masquerading as a popular tool. Use this algorithm to check all other applications that open ports.
8
Look for connections with LISTENING. The app listens on the port waiting for a connection. In this way can act as "legal" programs – for example, Windows services and Trojan, pending when they will be connecting to.