Programs such as malware can be running on your PC without your knowledge. Malware, which includes worms, viruses, keystroke loggers and spyware, is harmful to your PC: it can erase or steal your files, and its presence can make your PC slow. If you suspect that your PC is infected with malware, you can use the netstat command on Windows NT, XP and Linux.
Netstat stands for network statistics. Netstat shows the network connections of the programs currently running on your PC, with their IP (internet) addresses. To use netstat, close all programs except the command prompt window. Also disconnect from the internet. If any program still shows up, do a Google search for its name to find out what it is.
To run netstat, click Start -> Run, type cmd, and click OK to open the command prompt window.
When the command prompt window opens, type netstat followed by any of these parameters:
-a : Displays all active TCP connections and the TCP and UDP ports on which the computer is listening.
-e : Displays Ethernet statistics, such as the number of bytes and packets sent and received. This parameter can be combined with -s.
-n : Displays active TCP connections; however, addresses and port numbers are expressed numerically and no attempt is made to determine names.
-o : Displays active TCP connections and includes the process ID (PID) for each connection. This parameter can be combined with -a, -n, and -p.
-p Protocol : Shows connections for the protocol specified by Protocol.
-s : Displays statistics by protocol. By default, statistics are shown for the TCP, UDP, ICMP, and IP protocols.
-r : Displays the contents of the IP routing table.
/? : Displays help at the command prompt.
Examples
To display both the Ethernet statistics and the statistics for all protocols, type the following command:
netstat -e -s
To display the statistics for only the TCP and UDP protocols, type the following command:
netstat -s -p tcp udp
To display active TCP connections and the process IDs every 5 seconds, type the following command:
netstat -o 5
To display active TCP connections and the process IDs using numerical form, type the following command:
netstat -n -o
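The output of the -a, -n and -o parameters combined can be sorted by process ID to see which process is listening on a port and which one is talking to an address outside your network. The following is an added example, not part of the original post: the sample output is constructed, and the function names (parse_netstat, is_external, summarize) are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Windows `netstat -a -n -o` output (not from a real host).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED     2300
  TCP    192.168.1.10:49712     203.0.113.25:443       ESTABLISHED     4120
  TCP    192.168.1.10:49713     192.168.1.1:445        ESTABLISHED     4
  TCP    [::]:3389              [::]:0                 LISTENING       1044
  UDP    0.0.0.0:5353           *:*                                    1780
"""

LOCAL_NETS = [ipaddress.ip_network(n) for n in (  # loopback, private, link-local
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10")]

def parse_netstat(text):
    """Return one dict per TCP/UDP row; UDP rows have no State column."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            rows.append(dict(zip(("proto", "local", "remote", "state", "pid"), f)))
        elif len(f) == 4 and f[0] == "UDP":
            rows.append({"proto": f[0], "local": f[1], "remote": f[2],
                         "state": "", "pid": f[3]})
    return rows

def is_external(addr):
    """True if the host part of 'host:port' is an IP outside LOCAL_NETS."""
    host = addr.rsplit(":", 1)[0].strip("[]").split("%")[0]  # drop port, brackets, zone id
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:  # e.g. "*" in UDP rows
        return False
    return not ip.is_unspecified and not any(ip in n for n in LOCAL_NETS)

def summarize(rows):
    """Group by PID: ports a process listens on and external peers it talks to."""
    out = defaultdict(lambda: {"listening": [], "external": []})
    for r in rows:
        if r["state"] == "LISTENING":
            out[r["pid"]]["listening"].append(r["local"])
        elif r["state"] == "ESTABLISHED" and is_external(r["remote"]):
            out[r["pid"]]["external"].append(r["remote"])
    return dict(out)

if __name__ == "__main__":
    print(summarize(parse_netstat(SAMPLE)))
```

Each PID in the result can then be matched to a program name, for example in the Windows Task Manager with the PID column enabled.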
To close the command prompt window, type exit. Source of parameters is here

