The need to determine which ports uses the program (or any program uses ports), typically occurs in the case of suspected infection by computer Trojans. If you notice something suspicious, open a command prompt: "start" – "All programs" – "Accessories" – "Command prompt".
At the command prompt command tasklist and hit Enter. You will get information about all running system processes. Note the PID is the process ID. It will help to determine which program uses a particular port.
In command prompt type netstat –aon and press Enter. You will see a list of current connections. In the column "Local address" at the end of each line indicates the port number. In the graph the PID specified process IDs. Looking at the port number and the corresponding PID, go to the processes list and the ID number will determine which process is using this port.
If you are unable to name the process to understand which program it belongs to, use the one suitable in this case programs. For example, a program Everest, it is also Aida64. Run the program, select "Operating system", select "Processes". In the processes list find the right and view the line of its launch. This will help to determine which program owns a process.
Use for the same purpose the program AnVir Task Manager. It allows you to track all the suspicious processes, including the process of programs linking to the Internet. All suspicious processes are highlighted in the programs list in red.
If you see that port being used unknown to you program, in the presence of the current connection in the "External address" (netstat –aon), you will see the ip address of the computer from which the connection is established. In the column "Status" will be the value ESTABLISHED – if the connection is present at the moment; CLOSE_WAIT if the connection is closed; LISTENING, if the program is waiting for connection. The latter is typical for backdoors - one of the varieties of Trojans.
Advice 2 : How to find a free port
When data is exchanged between network nodes the TCP Protocol addresses the packages of certain applications that process the information. In each packet specify the source port and destination port. A port is a conventional number from 1 to 65535 that identifies which application receives the packet.
Ports, ready to receive packets, called open. Find them on the computer using special software scanners. Many online services offer this service. Go to the website PortScan.Ru (http://portscan.ru/fullscan.php). In the tab "Online scanner", click the "Services & protocols" to find the open ports and learn to work with what applications they are configured.
Spyware programs usually use some specific ports for the unauthorized access to information. Click on the "Trojans and viruses" to find out whether or not these ports on your computer. There you can see a list of malware that connect to each port.
For example, if you have Windows Firewall enabled, go to the tab "Exceptions" and click the "Change scope". Turn the switch to "custom list" and enter the IP of the service 184.108.40.206. Press OK to confirm.
In the window "scan Settings", enter the range of ports you want to scan. This value is best left at default. Click "Start scan" to start scanning. In the list of checked ports in red will be marked open.
To check the status of the ports PC means Windows. The key combination Win+R to call the string "Open" and enter the command cmd. In the command window, type netstat –a –n –o. The program displays a list of all active connections. In the column "Local address" after the colon with the IP of your computer indicate the number of the port. It corresponds to the process number from the PID column.
To know number of process its name, call the "process Manager" Ctrl+Alt+Delete and go to the tab "Processes". Find the correspondence between the process ID and its name in the column "image Name".