TCPView shows multiple [System Process] network connections...

  1. Thelps's Avatar
    Posts : 107
    Windows
       #1

    TCPView shows multiple [System Process] network connections...


    Hi all,

    TCPView is showing multiple network connections listed as [System Process].

    These are usually connected to unrecognized IPs and certainly not IPs I would want the system to automatically connect to without request or authorization on the part of the user.

    Does this indicate malware? This isn't the usual block of Akamai servers that Windows Update uses to download updates.

    I've tried an AV scan but it shows no results.

    I've tried blocking these IPs with a firewall but plenty more IPs from entirely different domains keep appearing under [System Process]​.

    How are they establishing connections, how can I identify these unknown processes and how can I completely prevent this activity without using a firewall that requires manual authorization for EVERY connection (this computer's user couldn't handle that level of complexity).

    The OS is Windows 10.

    Much appreciated.
      My Computer

  2. Samuria's Avatar
    Posts : 6,558
    windows 10
       #2

    If you can give us a list that will give us a better idea of what's going on. It worth checking schedule task to see if any of them are doing it
      My Computer

  3. Thelps's Avatar
    Posts : 107
    Windows
    Thread Starter
       #3

    Samuria said:
    If you can give us a list that will give us a better idea of what's going on. It worth checking schedule task to see if any of them are doing it
    The list has a huge variation of IPs. I haven't noted any pattern in what IPs appear.

    Could you suggest how I could identify this process or set of processes referred to as [System Process]?
      My Computer

  4. TairikuOkami's Avatar
    Posts : 5,024
    Windows 11 Home
       #4

    If you see it with TIME_WAIT, do not worry about it, it is normal.

    system idle process and TCP/IP - Sysinternals Forums
    Attached Thumbnails Attached Thumbnails TCPView shows multiple [System Process] network connections...-capture_07122017_232853.jpg  
      My Computer

  5. Thelps's Avatar
    Posts : 107
    Windows
    Thread Starter
       #5

    TairikuOkami said:
    If you see it with TIME_WAIT, do not worry about it, it is normal.

    system idle process and TCP/IP - Sysinternals Forums
    So the System Idle Process represents connections that are in the process of being dropped.

    However, what ARE these connections? I don't recognize their IPs at all.

    Also, why is Explorer making network connections to unknown IPs and how can I stop that? I have the explorer.exe firewalled and denied access to the internet but it is continuing to connect. I understand this is probably just Windows Update but would like to control all network traffic and only allow wuausrv and other explorer-based programs network access when I'm aware of what they're doing.

    Further advice much appreciated.
      My Computer

  6. Thelps's Avatar
    Posts : 107
    Windows
    Thread Starter
       #6

    I'd really appreciate it if someone could shed further assistance on the topic.
      My Computer



  7. RLS
    Posts : 2
    Windows 10 version 2004
       #7

    I would appreciate more knowledge about TCP View and what this means also. I have multiple remote connections listed and do not recognize them. I attached a screen shot. I have had a computer stalker in the past, so would great appreciate anyone's expertise on this.

    - - - Updated - - -

    Here is the shotTCPView shows multiple [System Process] network connections...-tcp-view-screenshot-151pm-5-5-2021.png
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 22:31.
Find Us




Windows 10 Forums