How to find out what ports the program uses

The need to determine which ports uses the program (or any program uses ports), typically occurs in the case of suspected infection by computer Trojans. If you notice something suspicious, open a command prompt: "start" – "All programs" – "Accessories" – "Command prompt".

At the command prompt command tasklist and hit Enter. You will get information about all running system processes. Note the PID is the process ID. It will help to determine which program uses a particular port.

In command prompt type netstat –aon and press Enter. You will see a list of current connections. In the column "Local address" at the end of each line indicates the port number. In the graph the PID specified process IDs. Looking at the port number and the corresponding PID, go to the processes list and the ID number will determine which process is using this port.

If you are unable to name the process to understand which program it belongs to, use the one suitable in this case programs. For example, a program Everest, it is also Aida64. Run the program, select "Operating system", select "Processes". In the processes list find the right and view the line of its launch. This will help to determine which program owns a process.

Use for the same purpose the program AnVir Task Manager. It allows you to track all the suspicious processes, including the process of programs linking to the Internet. All suspicious processes are highlighted in the programs list in red.

If you see that port being used unknown to you program, in the presence of the current connection in the "External address" (netstat –aon), you will see the ip address of the computer from which the connection is established. In the column "Status" will be the value ESTABLISHED – if the connection is present at the moment; CLOSE_WAIT if the connection is closed; LISTENING, if the program is waiting for connection. The latter is typical for backdoors - one of the varieties of Trojans.