You will need
- - the right to run applications on the local computer.
Instruction
1
A properly configured computer will never himself to go into the network. The only exceptions are the planned updates to the operating system and antivirus software. If the computer constantly goes to the network, you can assume its wrong settings or virus activity.
2
To see the network activity of the computer, start a command prompt: "start – All programs – accessories – Command prompt". Type netstat –aon and don't forget to press Enter. You will see a table of five columns. In the first followed by the Protocol – UDP or TCP. The second lists all active connections, while you can see and open on your machine ports. The third column shows the external address, the fourth connection status. In the fifth you can see PID – numeric identifier of the process.
3
Specified in the second column, ports say that they have opened some programs, among which may be Trojans. In order to understand which program opens a particular port in the same window, type the command tasklist – you will see a list of running processes. Thus immediately after the name of the executable file will be process ID.
4
For example, you see that you have opened port 1025, it PID 1480 (your may be different). Find this ID in the list of processes and see what program it belongs to. If you don't know what is this program, type its name in the search engine.
5
The column "Status" allows you to see connection status. For example, LISTENING suggests that the program is in the wait state of the connection. Behave backdoors – Trojans, the server part is on the victim's computer. But in this state, there may be other programs – for example, Windows services. In Windows XP some potentially dangerous ports can be closed with the utility however it can be downloaded online.
6
If you want a full analysis of traffic, use BWmeter. It will monitor all connections to your computer with the ip address, data can be written to the log. The program is useful for computing a spyware, and for the identification and subsequent shut down of various services, climbing to the network without the permission of the owner of the computer.