External communication Free software "TCPEye" that can check whether the process in operation is a virus
Make a notice of a crime by remotely operating via thread on the bulletin boardIf you want to find such a suspicious movement, you can check with a plurality of anti-virus engines whether the process communicating with the outside is a virus, and check who you are communicating with It is possible and free software that will let you know by pop-up when you start communicating with the outside "TCPEye"is. It can be started on Windows XP · Vista · 7 · Server 2003 · Server 2008.
For downloading & installation, checking process of unknown process, connection monitoring etc. from the following.
Download | TCPmonitor Freeware Utilities
◆ Download & Installation
Click "Download" on the above site.
Click "Download Now"
Execute the downloaded EXE file.
Click "Next Step"
I will not install things other than TCPEye such as toolbar, so uncheck and click "Next Step".
Click "Install Now"
The operation screen is displayed. On the operation screen, the local IP address, global IP address, communication status, protocol, indication of the country of communication destination.
If you further move the scroll bar at the bottom, product name, company, file name, version will also be displayed.
◆ How to check unknown process
You can inspect files with multiple anti-virus enginesVirusTotalIf you want the process to check if the virus is using the process, right click on the process to check and click "Cechk Whit VirusTotal".
Wait until the uploading of the file executing the process is completed. Up to 10 MB of file capacity can be uploaded.
The result will be displayed in the browser.
To display the location of the communication destination from the IP address on the map, right click on the process and click "GeoIP Tool".
You can check on the map whether the location of the communication destination is not suspicious as follows.
To check the host information of the communication destination, right click on the process and click "Whois IP".
You can check the host information.
If you want to inform a pop-up of a new connection in order to monitor whether a connection you do not know well when not doing anything, etc., is running, click "Established Notification" in "Options" on the menu bar.
If there is a connection you will let us know from TCPEye on the task tray.
To display the process properties, click on the process and click "Process Properties" from "Process" in the menu bar.
The following is the display of properties.
To save the information displayed on the operation screen, click "Save" from "File" in the menu bar and it is OK