C:\WINDOWS\system32>netstat -ab Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:135 LAPTOP-KAUQJ8CT:0 LISTENING RpcEptMapper [svchost.exe] TCP 0.0.0.0:445 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:1433 LAPTOP-KAUQJ8CT:0 LISTENING [sqlservr.exe] TCP 0.0.0.0:5040 LAPTOP-KAUQJ8CT:0 LISTENING CDPSvc [svchost.exe] TCP 0.0.0.0:5357 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:49664 LAPTOP-KAUQJ8CT:0 LISTENING [lsass.exe] TCP 0.0.0.0:49665 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:49666 LAPTOP-KAUQJ8CT:0 LISTENING Schedule [svchost.exe] TCP 0.0.0.0:49667 LAPTOP-KAUQJ8CT:0 LISTENING EventLog [svchost.exe] TCP 0.0.0.0:49668 LAPTOP-KAUQJ8CT:0 LISTENING [spoolsv.exe] TCP 0.0.0.0:49669 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:51629 LAPTOP-KAUQJ8CT:0 LISTENING SessionEnv [svchost.exe] TCP 9.211.96.74:139 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP 127.0.0.1:53 LAPTOP-KAUQJ8CT:0 LISTENING [dnscrypt-proxy.exe] TCP 127.0.0.1:4244 LAPTOP-KAUQJ8CT:0 LISTENING [Code42Service.exe] TCP 127.0.0.1:4244 leroyb2c:60453 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:4244 leroyb2c:60684 TIME_WAIT TCP 127.0.0.1:4244 leroyb2c:60691 TIME_WAIT TCP 127.0.0.1:4244 leroyb2c:60692 TIME_WAIT TCP 127.0.0.1:4244 leroyb2c:60704 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:4244 leroyb2c:60715 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:4244 leroyb2c:60716 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:6942 LAPTOP-KAUQJ8CT:0 LISTENING [idea64.exe] TCP 127.0.0.1:17223 LAPTOP-KAUQJ8CT:0 LISTENING [Box Local Com Service.exe] TCP 127.0.0.1:31000 leroyb2c:32000 TIME_WAIT TCP 127.0.0.1:49672 LAPTOP-KAUQJ8CT:0 LISTENING [vpnagent.exe] TCP 127.0.0.1:49673 leroyb2c:62522 ESTABLISHED [acumbrellaagent.exe] TCP 127.0.0.1:49729 LAPTOP-KAUQJ8CT:0 LISTENING [Box.exe] TCP 127.0.0.1:49765 leroyb2c:62722 ESTABLISHED [vpnui.exe] TCP 127.0.0.1:49766 leroyb2c:62522 ESTABLISHED [vpnui.exe] TCP 127.0.0.1:49797 leroyb2c:49798 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49798 leroyb2c:49797 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49799 leroyb2c:49800 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49800 leroyb2c:49799 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49801 leroyb2c:49802 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49802 leroyb2c:49801 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49803 leroyb2c:49804 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49804 leroyb2c:49803 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49805 leroyb2c:49806 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49806 leroyb2c:49805 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49807 leroyb2c:49808 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:49808 leroyb2c:49807 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:55023 leroyb2c:55024 ESTABLISHED [dnscrypt-proxy.exe] TCP 127.0.0.1:55024 leroyb2c:55023 ESTABLISHED [dnscrypt-proxy.exe] TCP 127.0.0.1:55950 leroyb2c:55951 TIME_WAIT TCP 127.0.0.1:56388 leroyb2c:56389 ESTABLISHED [dnscrypt-proxy.exe] TCP 127.0.0.1:56389 leroyb2c:56388 ESTABLISHED [dnscrypt-proxy.exe] TCP 127.0.0.1:56397 LAPTOP-KAUQJ8CT:0 LISTENING [acumbrellaagent.exe] TCP 127.0.0.1:58095 leroyb2c:58096 ESTABLISHED [atmgr.exe] TCP 127.0.0.1:58096 leroyb2c:58095 ESTABLISHED [atmgr.exe] TCP 127.0.0.1:58097 leroyb2c:58098 ESTABLISHED [atmgr.exe] TCP 127.0.0.1:58098 leroyb2c:58097 ESTABLISHED [atmgr.exe] TCP 127.0.0.1:58099 leroyb2c:58100 ESTABLISHED [atmgr.exe] TCP 127.0.0.1:58100 leroyb2c:58099 ESTABLISHED [atmgr.exe] TCP 127.0.0.1:58101 leroyb2c:58102 ESTABLISHED [atmgr.exe] TCP 127.0.0.1:58102 leroyb2c:58101 ESTABLISHED [atmgr.exe] TCP 127.0.0.1:59509 leroyb2c:59510 ESTABLISHED [idea64.exe] TCP 127.0.0.1:59510 leroyb2c:59509 ESTABLISHED [idea64.exe] TCP 127.0.0.1:59511 leroyb2c:59512 ESTABLISHED [idea64.exe] TCP 127.0.0.1:59512 leroyb2c:59511 ESTABLISHED [idea64.exe] TCP 127.0.0.1:60444 leroyb2c:60445 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:60445 leroyb2c:60444 ESTABLISHED [Code42Service.exe] TCP 127.0.0.1:60453 leroyb2c:4244 ESTABLISHED [Code42Desktop.exe] TCP 127.0.0.1:60704 leroyb2c:4244 ESTABLISHED [Code42Desktop.exe] TCP 127.0.0.1:60710 leroyb2c:8009 TIME_WAIT TCP 127.0.0.1:60715 leroyb2c:4244 ESTABLISHED [Code42Desktop.exe] TCP 127.0.0.1:60716 leroyb2c:4244 ESTABLISHED [Code42Desktop.exe] TCP 127.0.0.1:62522 LAPTOP-KAUQJ8CT:0 LISTENING [vpnagent.exe] TCP 127.0.0.1:62522 leroyb2c:49673 ESTABLISHED [vpnagent.exe] TCP 127.0.0.1:62522 leroyb2c:49766 ESTABLISHED [vpnagent.exe] TCP 127.0.0.1:62722 LAPTOP-KAUQJ8CT:0 LISTENING [acumbrellaagent.exe] TCP 127.0.0.1:62722 leroyb2c:49765 ESTABLISHED [acumbrellaagent.exe] TCP 127.0.0.1:63342 LAPTOP-KAUQJ8CT:0 LISTENING [idea64.exe] TCP 192.168.0.3:139 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP 192.168.0.3:49413 52.179.224.121:https ESTABLISHED WpnService [svchost.exe] TCP 192.168.0.3:50383 a23-10-60-234:https ESTABLISHED [chrome.exe] TCP 192.168.0.3:54253 ec2-3-120-171-225:https ESTABLISHED [chrome.exe] TCP 192.168.0.3:56338 129.42.3.13:https ESTABLISHED [vpnagent.exe] TCP 192.168.0.3:56381 aof-sea:4287 ESTABLISHED [Code42Service.exe] TCP 192.168.0.3:59323 central:https ESTABLISHED [Code42Service.exe] TCP 192.168.0.3:59338 ec2-18-229-250-79:https ESTABLISHED [Slack.exe] TCP 192.168.0.3:59345 ec2-18-229-250-79:https ESTABLISHED [Slack.exe] TCP 192.168.0.3:59347 ec2-18-229-250-79:https ESTABLISHED [Slack.exe] TCP 192.168.0.3:59348 ec2-18-229-250-79:https ESTABLISHED [Slack.exe] TCP 192.168.0.3:59365 ec2-18-229-250-79:https ESTABLISHED [Slack.exe] TCP 192.168.0.3:59385 ec2-18-229-250-79:https ESTABLISHED [Slack.exe] TCP 192.168.0.3:60706 a23-37-83-178:http ESTABLISHED WpnUserService_152323 [svchost.exe] TCP 192.168.0.3:60713 52.114.132.91:https TIME_WAIT TCP 192.168.0.3:62454 192.16.58.8:http CLOSE_WAIT [Microsoft.Photos.exe] TCP 192.168.0.3:62702 107.152.26.197:https CLOSE_WAIT [Box.exe] TCP 192.168.0.3:62703 107.152.26.197:https CLOSE_WAIT [Box.exe] TCP 192.168.0.3:65380 107.152.26.202:https ESTABLISHED [Box.exe] TCP [::]:135 LAPTOP-KAUQJ8CT:0 LISTENING RpcEptMapper [svchost.exe] TCP [::]:445 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP [::]:1433 LAPTOP-KAUQJ8CT:0 LISTENING [sqlservr.exe] TCP [::]:5357 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP [::]:49664 LAPTOP-KAUQJ8CT:0 LISTENING [lsass.exe] TCP [::]:49665 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP [::]:49666 LAPTOP-KAUQJ8CT:0 LISTENING Schedule [svchost.exe] TCP [::]:49667 LAPTOP-KAUQJ8CT:0 LISTENING EventLog [svchost.exe] TCP [::]:49668 LAPTOP-KAUQJ8CT:0 LISTENING [spoolsv.exe] TCP [::]:49669 LAPTOP-KAUQJ8CT:0 LISTENING Can not obtain ownership information TCP [::]:51629 LAPTOP-KAUQJ8CT:0 LISTENING SessionEnv [svchost.exe] TCP [::1]:53 LAPTOP-KAUQJ8CT:0 LISTENING [dnscrypt-proxy.exe] TCP [::1]:56419 LAPTOP-KAUQJ8CT:0 LISTENING [acumbrellaagent.exe] TCP [2804:14c:55:86a9:29be:e37e:3544:7d16]:54131 g2600-1419-bc00-0000-0000-0000-1736-14d9:http TIME_WAIT TCP [2804:14c:55:86a9:29be:e37e:3544:7d16]:56392 [2800:3f0:4003:c02::bc]:5228 ESTABLISHED [chrome.exe] TCP [2804:14c:55:86a9:29be:e37e:3544:7d16]:61106 [2620:1ec:c11::200]:https ESTABLISHED [SearchApp.exe] TCP [2804:14c:55:86a9:29be:e37e:3544:7d16]:61109 [2603:1056:402:2::2]:https ESTABLISHED [SearchApp.exe] TCP [2804:14c:55:86a9:29be:e37e:3544:7d16]:65359 [2001:470:1:9f1::24]:https ESTABLISHED [chrome.exe] UDP 0.0.0.0:3702 *:* FDResPub [svchost.exe] UDP 0.0.0.0:3702 *:* FDResPub [svchost.exe] UDP 0.0.0.0:3702 *:* [dashost.exe] UDP 0.0.0.0:3702 *:* [dashost.exe] UDP 0.0.0.0:5050 *:* CDPSvc [svchost.exe] UDP 0.0.0.0:5353 *:* [chrome.exe] UDP 0.0.0.0:5353 *:* Dnscache [svchost.exe] UDP 0.0.0.0:5353 *:* [chrome.exe] UDP 0.0.0.0:5353 *:* [chrome.exe] UDP 0.0.0.0:5353 *:* [chrome.exe] UDP 0.0.0.0:5355 *:* Dnscache [svchost.exe] UDP 0.0.0.0:49667 *:* Can not obtain ownership information UDP 0.0.0.0:49668 *:* Can not obtain ownership information UDP 0.0.0.0:49669 *:* Can not obtain ownership information UDP 0.0.0.0:49671 *:* Can not obtain ownership information UDP 0.0.0.0:49752 *:* [acumbrellaagent.exe] UDP 0.0.0.0:50556 *:* [acumbrellaagent.exe] UDP 0.0.0.0:50568 *:* [acumbrellaagent.exe] UDP 0.0.0.0:50569 *:* [dnscrypt-proxy.exe] UDP 0.0.0.0:51573 *:* [vpnagent.exe] UDP 0.0.0.0:54693 *:* FDResPub [svchost.exe] UDP 0.0.0.0:57190 *:* [acumbrellaagent.exe] UDP 0.0.0.0:60640 *:* [dashost.exe] UDP 9.211.96.74:137 *:* Can not obtain ownership information UDP 9.211.96.74:138 *:* Can not obtain ownership information UDP 9.211.96.74:1900 *:* SSDPSRV [svchost.exe] UDP 9.211.96.74:2177 *:* QWAVE [svchost.exe] UDP 9.211.96.74:51569 *:* SSDPSRV [svchost.exe] UDP 127.0.0.1:53 *:* [dnscrypt-proxy.exe] UDP 127.0.0.1:1900 *:* SSDPSRV [svchost.exe] UDP 127.0.0.1:49666 *:* iphlpsvc [svchost.exe] UDP 127.0.0.1:51064 *:* [acumbrellaagent.exe] UDP 127.0.0.1:51571 *:* SSDPSRV [svchost.exe] UDP 127.0.0.1:58307 *:* NlaSvc [svchost.exe] UDP 192.168.0.3:137 *:* Can not obtain ownership information UDP 192.168.0.3:138 *:* Can not obtain ownership information UDP 192.168.0.3:1900 *:* SSDPSRV [svchost.exe] UDP 192.168.0.3:2177 *:* QWAVE [svchost.exe] UDP 192.168.0.3:51570 *:* SSDPSRV [svchost.exe] UDP [::]:3702 *:* [dashost.exe] UDP [::]:3702 *:* [dashost.exe] UDP [::]:3702 *:* FDResPub [svchost.exe] UDP [::]:3702 *:* FDResPub [svchost.exe] UDP [::]:5353 *:* Dnscache [svchost.exe] UDP [::]:5353 *:* [chrome.exe] UDP [::]:5353 *:* [chrome.exe] UDP [::]:5355 *:* Dnscache [svchost.exe] UDP [::]:49341 *:* [acumbrellaagent.exe] UDP [::]:49351 *:* [acumbrellaagent.exe] UDP [::]:49670 *:* Can not obtain ownership information UDP [::]:50559 *:* [acumbrellaagent.exe] UDP [::]:50562 *:* [dnscrypt-proxy.exe] UDP [::]:50564 *:* [dnscrypt-proxy.exe] UDP [::]:50567 *:* [dnscrypt-proxy.exe] UDP [::]:50570 *:* [dnscrypt-proxy.exe] UDP [::]:54694 *:* FDResPub [svchost.exe] UDP [::]:57190 *:* [acumbrellaagent.exe] UDP [::]:57761 *:* [acumbrellaagent.exe] UDP [::]:60641 *:* [dashost.exe] UDP [::]:63960 *:* [acumbrellaagent.exe] UDP [::]:64197 *:* [acumbrellaagent.exe] UDP [::1]:53 *:* [dnscrypt-proxy.exe] UDP [::1]:1900 *:* SSDPSRV [svchost.exe] UDP [::1]:51568 *:* SSDPSRV [svchost.exe] UDP [::1]:56096 *:* [acumbrellaagent.exe] UDP [2804:14c:55:86a9:29be:e37e:3544:7d16]:2177 *:* QWAVE [svchost.exe] UDP [2804:14c:55:86a9:c551:1e5a:ef18:d512]:2177 *:* QWAVE [svchost.exe] UDP [fe80::ac95:2a3d:89e3:469a%6]:1900 *:* SSDPSRV [svchost.exe] UDP [fe80::ac95:2a3d:89e3:469a%6]:2177 *:* QWAVE [svchost.exe] UDP [fe80::ac95:2a3d:89e3:469a%6]:51566 *:* SSDPSRV [svchost.exe] UDP [fe80::c551:1e5a:ef18:d512%19]:1900 *:* SSDPSRV [svchost.exe] UDP [fe80::c551:1e5a:ef18:d512%19]:2177 *:* QWAVE [svchost.exe] UDP [fe80::c551:1e5a:ef18:d512%19]:51567 *:* SSDPSRV [svchost.exe] C:\WINDOWS\system32>