Category Archives: netstat

How to find – Websites, secretly connected to your computer

Hello dear friends, Hope you all are fine with health and happiness.

Sometimes we use better connections but still we get slow speed which is quite annoying,this things happens due to fact that malware, spyware or any adware using your internet behind the scenes resulting to slow data transfer on original requirement of speed. Here is the technique to know what is going behind the hood.

Third party firewall also provide feature of blocking unwanted connections unless to manage exclusion option for some sites.

netstat command from command prompt window is used to find the network statistics in details. This works in windows XP (out of date) and above i.e vista, 7,8,8.1 etc. In XP only service pack 2 is found to be responsive in this case. netstat command generate list of networks in systematic way in specified amount of time.

First of all log in your computer – window as an administrator (Any changes to the computer or information in the computer can be easily generated from Administrative log)ximg_53e314466c377-png-pagespeed-gpjpjwpjjsrjrprwricpmd-ic-iygyw7ynls

Window 8.x , command prompt is obtained by right clicking on desktop and choosing command prompt (Admin) option. Below 8, command prompt is entered by clicking start menu and entering “cmd.exe” in the search box. When the result display right click on cmd.exe and click run as administrator from popup menu.

2

If user account control Dialogue box appears click yes to continue.(User Account Dialogue Box may or may not appear depending upon your user settings).

4

Type the following command in the command prompt:

netstat -abf 5 > activity.txt

5

Here the  –a option shows all connections and listening ports,

–b option shows the application which is making the connection,

–f option displays the full DNS name for each connection option for easier

understanding of where the connections are being made to.

You can also use the –n option if you wish to only display the IP address.

The 5 option will poll every 5 seconds for connections to make it more easy to track what is going on, and the results are then piped into the activity.txt file.

Wait about two minutes and then press Ctrl + C to stop the recording of data.

Once  recording data is finished, Simply open the activity.txt file in your favorite editor to see the results, or type activity.txt at the command line to open it in Notepad.

The resulting file will list all processes on your computer (browsers, IM clients, email programs, etc.) that have made an internet connection in the last two minutes, or however long you waited before pressing Ctrl + C. It also lists which processes connected to which websites.

If you see process names or website addresses with which you are not familiar, you can search for “what is (name of unknown process)” in Google and see what it is. It may be a system function you don’t know about or a function of one of your running programs. However, if it seems like a bad site, Google helps you to get rid of it.

6

Some third party softwares are also handy in knowing and removing unwanted connections.

CURRPORTS and TCPVIEW are some of the common ones.

Thank you for bearing me ..

Jagat