How to discover the cause of tens of thousands of UDP connections on Windows?

K

Kkrnd2021-02-15 22:13:28

System administration

Kkrnd, 2021-02-15 22:13:28

The provider called and complained that network activity similar to a botnet attack was being carried out from my address. They even threw off the schedule of how I alone deal with the network of a city-wide provider:

The problem appeared at about the same time as the replacement of the router, I reflashed it just in case, but I don’t want to wait until they knock from the TP again, I want proactive actions.
Checking the system with CureIt and KRD did not help. Reinstalling Windows didn't help - maybe one of my daily programs is messing up. Wireshark did not master. Can you please tell me how to detect this behavior? Preferably with a graphical interface, so that the stupid understand. LiveTcpUdpWatch set, but how to understand what behavior is correct and what is not - I have no experience. Or will an antivirus with a firewall be enough? Tell me please.

I forgot to point out that the problem is floating - spam does not occur constantly, in segments of several hours a day.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

K

ky0, 2021-02-15
@ky0

Wireshark failed

Master it.

G

Griboks, 2021-02-16
@Griboks

TCPView

F

fpir, 2021-02-27
@fpir

Even I don’t understand, if there is activity from the computer, then to find out the source stupidly, the resource monitor is enough.