K
K
Kkrnd2021-02-15 22:13:28
System administration
Kkrnd, 2021-02-15 22:13:28

How to discover the cause of tens of thousands of UDP connections on Windows?

The provider called and complained that network activity similar to a botnet attack was being carried out from my address. They even threw off the schedule of how I alone deal with the network of a city-wide provider:
602ac402dc79f724995738.png
602ac421b7007908346033.png

The problem appeared at about the same time as the replacement of the router, I reflashed it just in case, but I don’t want to wait until they knock from the TP again, I want proactive actions.
Checking the system with CureIt and KRD did not help. Reinstalling Windows didn't help - maybe one of my daily programs is messing up. Wireshark did not master. Can you please tell me how to detect this behavior? Preferably with a graphical interface, so that the stupid understand. LiveTcpUdpWatch set, but how to understand what behavior is correct and what is not - I have no experience. Or will an antivirus with a firewall be enough? Tell me please.

I forgot to point out that the problem is floating - spam does not occur constantly, in segments of several hours a day.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
K
ky0, 2021-02-15
@ky0

Wireshark failed

Master it.

G
Griboks, 2021-02-16
@Griboks

TCPView

F
fpir, 2021-02-27
@fpir

Even I don’t understand, if there is activity from the computer, then to find out the source stupidly, the resource monitor is enough.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question