There are many programs available for monitoring network activity. These usually have to be installed and stay resident.
However, Windows comes with a program called netstat
that can be used to find out if software is connecting to the web (i.e. malware, spyware or otherwise calling home)
I created 2 batch files that use netstat to log current active connections as well as a "live" check.
The batch files*MUST*
be run as admin.
If you are running software for the first time, you can run live_check while the software loads and all network activity will be logged to a text file.
Examine this file and take suspicious IP addresses to an online service like Whatismyip (http://www.whatismyip.com/ip-whois-lookup/
) to find out who is behind them.
, the batch files will record the following:
1) The local and remote address involved in the activity (IP address, ports)
2) The state of the connection (established, waiting etc..)
3) The executable that created the connection
4) The process ID involved.Use:
Run it. Check the created txt file.
Hope you find it useful, please make suggestions for improvement or post your favorite software to do this job!
Tested on my Win7 x64
See attached . . .