How to Detect Unauthorized Connections created by Windows PC – Guide
Every day, people like you are spending more and more time online. Through the connections your computer forms with other sources, you get the information you want from the Internet. Most of the time, these connections are entirely harmless, but malevolent behavior could be taking place below the surface. You may not be aware that your computer is transferring confidential information. ..
If you’re concerned about malware or a security issue, there are a few simple techniques you can use to examine all the connections your computer is making. Viewing a list of open ports and processes can reveal illicit connections or data transmissions. There are several tools that can show you connection information. This post will show you how to use two web tools and a Windows procedure to do this. ..
How to Detect unauthorized connections that a Windows computer is creating
Using PowerShell
To access your connections using PowerShell, first press Win + x. The Power User menu will open. This menu provides shortcuts to various tools in Windows.
Then select the option for PowerShell (admin). You need administrator privileges to run this tool.
netstat -an | grep 5 > activity.txt ..
To start recording your computer’s connections, press the “Windows key + R” to open the Run dialog box, type “netstat -an”, and press Enter. Your computer will start recording connections being made and save them to a text file. ..
The program will run for a few minutes and then you can continue working on something else.
Stop recording data by pressing Ctrl + C.
The activity.txt file contains the data the program recorded while it was running.
Open the text file in Notepad. ..
This Notepad document is stored in the System32 folder. If you need to refer to it later, you can use the following path: C:\Windows\System32
If you find something on the list that you don’t recognize, look it up online. If it’s something that could be dangerous to your computer or privacy, search again to find out. How to remove it.
Using TCPView
Microsoft’s TCPView is an online tool that allows users to view connections in real time. This tool is part of the SysInternals toolkit, and can be downloaded for free. When running TCPView, users will be viewing the list of connections in real time. Since it’s real-time, users can terminate processes, close connections, and search up more information directly from the tool. ..
The TCPView download site provides access to a variety of tools and resources that can be used to troubleshoot and optimize TCP/IP networks. ..
Download TCPView.
After downloading and extracting the files from the .zip folder, you will have a new folder called “Data”. This folder contains all of your datafiles that you have downloaded.
TCPView is a tool that allows you to view the contents of TCP connections.
If you’re using a computer connected to the internet, the tool will show you all of the websites and programs that are currently open on your computer. If you see something you’re not sure about, right-click on the process and click on “Whois…” to get more information about it. ..
As the program is running, data is highlighted in red, yellow, or green. These colors call attention to any changes in the processes. A green highlight shows a device connection that has just been opened, and when it closes it will turn red. Yellow highlights indicate that a change has occurred in this connection.
The program is fast and the display jumps around a lot, making it difficult to click on a specific line. ..
If you plan on using this frequently, you might want to make sure that you have the application’s executable file on your desktop or carefully note where you saved it. The executable does not create an icon or add it to your program list.
CurrPorts
Nirsoft’s CurrPorts is a tool that can be downloaded from the company’s website. It is similar to TCPView, but offers more focused information and highlights suspicious activity. Additionally, CurrPorts has the ability to show changes in connections, making it an ideal tool for monitoring online activity.
To get the tool, please download it. It is near the bottom of the page, so keep scrolling. Make sure you download the correct version if you need the program for a 64-bit version of Windows. ..
The installation process for TCPView is the same as that of TCPView.
If you think something strange is going on with your computer, these programs and tools can help you find a solution to the problem.
Final note
This guide is designed to help you detect unauthorized connections on your Windows PC. If you have any questions about this article, please don’t hesitate to ask us. Additionally, please share this guide with your friends so that they can also benefit from it.
