You need to run the command line cmd.exe. To do this, select the menu "start" "Execute"item.
In the window that opened, in line with a blinking cursor you need to dial cmd.exe. Press enter. Opened a standard window of the interpreter: this step can skip and go directly to the next step in the command prompt, your file Manager, for example FAR. 111111
Next you need to recruit a network team netstat.exe /?(you can just netstat /?). To run it you can press "Enter". The result is a list with prompts, and exactly what result can give the network program in the operation of certain keys. In this case we will be interested in more detailed information on active network ports and the specific application names.
Next you need to check scans as to whether the attacker is now our car. Enter the following command: Netstat -p tcp –n, or Netstat -p tcp –n. Here you want to draw your attention to the fact that do not occur very often one and the same external IP address (1st IP address of your local machine). In addition, about the attempted invasion may also reveal a huge number of records of this type are : SYN_SENT, TIME_WAIT with the same IP. Unsafe you can take frequent replays of network ports 139, 445 TCP and 137, and 445 UDP Protocol, with an external IP.
We can assume that we are lucky, external invasion is not seen, and we continue to look for "bad app" which devours the traffic.
Entering the following: Netstat –b (here, admin rights required). It unloaded a huge Protocol operation statistics on the Internet your applications: This segment of the Protocol shows that the program uTorrent.exe (client to download and upload files in the BitTorrent network) produced the distribution of files on two machines in a network with open ports local 1459 and 1461.
Your right to decide whether to stop the application. Perhaps there is some sense to remove it from startup. There are already to detect the activity of other legitimate programs that work with online services: Skype, Miranda, and 2nd works via a secure Protocol https.
The ultimate goal of this analysis should be the identification of unfamiliar apps that without your knowledge, connect to the Internet (who knows what they convey). Then you have to use different ways of dealing with "bad" applications, starting with disabling them from startup to testing special tools.
Advice 2 : How to find out which program uses the Internet
To determine the maximum load on the connection with the Internet , you must know the process that consumes the traffic. Today, there are various programs that allow you to quickly test the load programs at ports: Nirsoft Curr Ports, Sys Internals Process etc. Most of these programs are distributed for money, which is not always suitable for users of personal computers. In the Windows operating system comes with a tool called Net Stat.
You will need
- Software Net Stat.
To run this program, click the start menu and select Run. In the window that opens, type netstat with the parameter "/?" (to be entered without the quotation marks). The window will display all the parameters with which it is possible to run this program. Among all these you may need options "-a" (display all connections at the moment) and "-o" to display the identification number used for each connection, called a Process ID). Also it can be interesting option "–n". It instructs the program to show the real IP addresses instead of network aliases.
So, to determine the specific process that is spending network traffic, enter a value: Netstat –ao. Now view the results of our query, find the process ID. Knowing ID, it can be easily calculated. Type the following: tasklist | find "ID number" and press Enter. All of the listed examples, you must remove the quotation marks. In the query tasklist | find quotation marks should not be removed. The result of the work done in the programme of work is to obtain the desired process.
You can not use the tasklist command. Open "task Manager" by pressing Ctrl + Alt + Del or Ctrl + Shift + Esc and navigate to the Processes tab. Click menu "View (View), select "Choose columns" (Select Process Page Columns " and check the box next to "PID". Now in the "task Manager" there was a PID column, in which you can define the name of the process.
Advice 3 : How do I find out what traffic
Traffic in computer networks is called the number of transmitted or received for a certain time information. Users of the Internet behind it necessary to monitor very carefully in that case, if from this indicator depends on the amount of a payment services provider in each pay period. To know the amount of wasted Internettrafficand several ways.
You will need
- A contract for an Internet connection or username and password in the personal Cabinet.
Use the "personal account" of the subscriber on the website of your Internet service provider is perhaps the easiest way to know the amount of traffic in the current payment period or for any past months. The log-in link this Cabinet is usually placed on the main page, the login and password is issued together with documents on the connection to the service.
Each provider develops its own individual user interface for the office, so unfortunately, there is no uniform recommendations where it is in the office to look for the indicators used traffic. For example, when using the Home Internet from Beeline immediately after login, go to the tab "Internet" and click the link "Statistics". On the page which opens, you will see a table where for each of the past 13 months (including today) will be separately indicated the amount of traffic spent on receiving and sending, as well as the total number of network time. If you are not using one of the unlimited plans, then this table will be shown, and corresponding to these indicators, the amount of payment.
The names of the months in this table is clickable - if you want more accurate traffic distribution by day within a particular month, click the link. Table broken on the day, in turn, provides the opportunity to see a more accurate distribution of traffic within each of the day sessions.
Use the phone customer support of your Internet service provider if the personal account for some reason unavailable. To know the phone number in the contract on connection to the Internet or received them along with instructions. It must be noted on the website of the company. Call this number and ask the number of traffic you spent with the provider. Be ready to call the contract number and surname/name/patronymic name of the person for whom it is designed.
Install any software to count sent and received data. However, application of this kind is rather convenient for calculations of the distribution of traffic consumed by computers in your local network, and the statistics of the Internet service provider may not match.