Your computer makes tons of Internet connection in a daylight’s business, and not all of them are necessarily or surely sites that you are well-informed connections are happening with.
Although some of these connections are innocuous, there’s always the chance to have some malware, adware or spyware with your Internet connection in the background without your knowledge.
Here’s how to see what is going on under the hood.
We are going to cover three option that you can see your computer’s active connections.
Readmore: Joztips
- Option One: Check Active Connection with PowerShell (or Command Prompt)
- Option Two: check active Connections By Using TCP view
- Option Three: Check active Connection By Using CurrPorts
That also get the job done and may be more convenient.
Option One: Check Active Connection with Command prompt (or PowerShell)
This option uses the netstat command to create a list of the whole thing that has made an Internet connection in a specified amount of time.
You can do this on any computer that runs Windows, from Windows XP Service Pack 2 up to Windows 10. And you can do it using Command Prompt (CMD) either PowerShell. The command works the same in both. (This command is the same in both cases).
You can do this on any computer that runs Windows, from Windows XP Service Pack 2 up to Windows 10. And you can do it using Command Prompt (CMD) either PowerShell. The command works the same in both. (This command is the same in both cases).
If you use windows 8 or 10, Run the PowerShell as an administrator by hitting Windows+X, and then select “PowerShell (Admin)” from the Power User menu. If you use the Command Prompt instead, you would also have to run that as an administrator.
If you use Windows 7, you should tap Start menu in the pop-up window, type “PowerShell” in the search box of the windows, then right-click on the PowerShell and then select “Run as administrator” instead. And if you use the windows version before Windows 7, you must run the Command Prompt (CMD) as an administrator.
If you use Windows 7, you should tap Start menu in the pop-up window, type “PowerShell” in the search box of the windows, then right-click on the PowerShell and then select “Run as administrator” instead. And if you use the windows version before Windows 7, you must run the Command Prompt (CMD) as an administrator.
At the command prompt or PowerShell, type the following command, and then press Enter Button.
netstat –abf 5 > activity.txt
We’re using five modifiers on the netstat command.
1: The (a) option tells it to show all connections and listening ports.
2: The(b) option adds what application is making the connection to the results.
3: The (f) option displays the full DNS name for each connection option so that you can more easily understand where the connections are being made.
4: The (5) option causes the command to poll every five seconds for connections (to make it more easy to track what is going on).
5: We’re then using the piping symbol “>” to save the results to a text file named “activity.txt.”
After the issuance of the command, wait a few minutes, then tap Ctrl+C to stop the recording of data.
When you stopped the recording data, you need to open the file activity.txt to view the results. You can open the file in Notepad instantly through PowerShell prompt by typing “activity.txt” and then hit Enter button.
The text file is stored or save in the \Windows\System32 folder if you want to find it subsequent or open it in another editor.
The activity.txt file lists and reviews all processes on your computer (email programs, browsers, IM clients etc.) that have made an Internet connection in the during of time which you left the command running. This includes connections both established and open ports that apps or services are listening for traffic. The file also lists which processes connected to which websites.
If you do not know the process names or websites addresses, you can search Google for “what is (name of the unknown process)” and see what it is. It is possible we have even covered it ourselves as part of our ongoing series explaining several processes found in Task Manager.
However, if a site appears to be a bad site, you can use again Google to find out how to get rid of it.
However, if a site appears to be a bad site, you can use again Google to find out how to get rid of it.
Option Two: check active Connections By Using TCP view
The superb TCPView utility that comes in the SysInternals toolkit lets you see exactly what process is connected to what resources on the Internet, and it even allows you to end the process, close the connection, or do a Quick Whois lookup to get more information. It is definitely our first choice when it detects problems or just tries to get more information about your PC.
Note: When you load TCPView the first time, you may see a large number of connections from [System Process] to all sorts of Internet addresses, but this usually not a problem. If all connections are in TIME_WAIT state or mode, this means that the connection is closed, and there no process to assign the connection to it, so they should up as assign to PID 0 since there is no PID to assign it to.
This usually happens when you load up TCPView after having connected to a group of things, but it must go away after all the connections close and you keep TCPView open.
Option Three: Check active Connection By Using CurrPorts
You also can use a free tool called CurrPorts, to display a list of all presently opened TCP/IP’s and UDP ports on your local computer. It is a bit more focused tool than TCPView.
For each port, CurrPorts lists information about the process that opened the port. You can close the connections, copy port’s information to the clipboard, either save that information to different file formats. You can arrange the columns displayed in the CurrPorts main window and in the files you save. To sort the list by a particular column, just tap on the header of that column.
CurrPorts runs on everything from Windows NT to Windows 10. Just note that there is a separate version of CurrPorts for 64-bit versions of Windows. You can find out more information about CurrPorts and how to use it on their website.
0 comments: