usually need to see active related compounds suspected of being infected computer spyware.A properly configured computer must be connected to the network only when you open any page or while updating the operating system and database files, the antivirus program.If the indicator of the network connection in the system tray and then "come alive" by itself and the computer, regardless of you, you communicate with the Internet any information necessary to ascertain the reasons for such a network activity.
Open a command prompt to do this: "Start" - "All Programs" - "Accessories" - "Command Prompt."In the next window, enter the command netstat -aon and press Enter.You will see a list of all network connections, the active will be marked in the
"Status" as ESTABLISHED.
Note the column "External address" - it has given ip, which connects to your computer, and connection port.Port 80, for example, is typical for web servers.But if you see some other port, this is cause for alarm.In this case, you need to figure out which installed on your computer application opens the connection.
Look at the last count, there are specified process ID (PID).Remember ID suspicious process, then in the same window, type the command tasklist.A list of processes running on the computer.In the first column are the names of the processes in the second - their IDs.Find ID suspicious process, then his left, look at the name of the program to which it belongs.
What if the process name does not tell you anything?Type it in the search engine and you will get all the information about the process.If information is not available, it is very likely that you have "caught" a new Trojan program, details of which have not yet hit the Internet and database vendors.
Pay attention to which port opens suspicious process - information about the open ports is present in the column "Local Address."Check the processes are idle connections - LISTENING.That is how behave backdoors - Trojans designed for covert connection with an infected computer.The server part of such a program is always "hanging out" at some port and waits for connection to a computer hacker.
For complete control over connections install BWMeter.This is one of the best programs of this class, it will allow you to see which addresses connected to your computer, it is possible to record information in the log.