How to check running programs on a computer. Disable programs running in the background. We clean startup and analyze new applications
With the ubiquity of the Internet, the number of viruses has increased, which seek not only to harm the user's computer, but to transfer his information to third-party servers. At the same time, other malicious applications that can run in the background and interfere with the stable functioning of the computer, such as Bitcoin miners, are becoming more and more active. If you suspect that some applications are secretly using the Internet to transfer data, you can verify this by checking which programs are using the connection at a particular point in time. It can be done Windows tools, but it is more visual to use specialized third-party applications.
How to find out by means of Windows what programs use the Internet
operating room Windows system has a lot of built-in diagnostic utilities without an interface, which work through the command line. Among them is the netstat utility, which monitors the statistics of the computer's connections to third-party servers. To use it, you need to run, and in it enter the command netstat, after which the screen will display a list of active, waiting and other connections, as well as basic information about them - ports and addresses.
The functionality of the utility does not end there, and it allows you to learn more about each of the connections. To in command line information about programs using the Internet is displayed, enter netstat -b. Next to the IP addresses and ports, an exe file working with this connection will be shown.
At the same time, the functionality of the netstat utility is much higher. It allows you to display information about listening ports, the contents of the route table, the offload status of a particular connection, and much more. The average user does not particularly need this information, but it may be needed. system administrator. To see the full list of netstat utility commands, you need to enter at the command line netstat -h.
How to find out what programs are using the Internet using TCPView
There are many different applications that allow you to determine which programs are using the Internet. Among them, we can single out the TCPView utility, which does not require installation on a computer, due to which it is convenient to use it for diagnostic purposes. The TCPView application can be downloaded from the official website of the developers or other trusted sources on the Internet. The application is launched from the TCPView.exe shortcut.
After launching the application, the user will see a complete list of active connections from the computer to third-party servers.
By default, TCPView displays connection information in 12 columns:
- process, - the name of the process itself (the executable file) that uses the connection;
- PID, - number by which the active process is identified by the system;
- Protocol, - protocol used by the program for connection;
- local address, - local address the computer involved in the process;
- local port, - local computer port used by the process;
- remote address, - address remote computer(server) to which the process is connected;
- remote port, - port of the remote computer (server) to which the process is connected;
- State, - the current state of the connection - connected, waiting, closed, and so on;
- Sent Packets, - transmitted number of packets;
- Sent Bytes, - amount of transmitted information in bytes;
- Rcvd Packets, - number of received packets;
- Rcvd Bytes, - amount of received information in bytes.
If the user does not know the name of the process connected to a third-party server, and he doubts its “purity”, you can find out detailed information about it by clicking right click click on the process and select "Process properties". A window will open where the Path column contains the address of the executable file.
If you want to stop the execution of this process, you can click on the "End Process" button.
When you want to disconnect a process from the network, right-click on it in the list and select "Close Connection".
If you need to determine the specific IP address that the computer connects to, you can press Ctrl+R and the address names will be converted to IP.
Protecting information on your personal computer- always an important question for every user. Check browsing history - simple task, with which almost everyone who has little experience with them will cope. And how to look at the history of visiting a computer is a more difficult question.
In addition, the need to check the launch and visit history may arise when buying or selling a computer to strangers. Or when sending the device for repair.
Built-in tool
Operating system Microsoft Windows has its own set of trackers that allow you to track what changes have occurred with the device, what programs have been launched and what errors have occurred in the work. This is just one of the ways to view history on a computer. So, directly to the tool. It is called "Event Log". On older versions operating system you need to do the following:
- go to the "Start" menu;
- activate the computer control panel;
- before looking at the history on the computer, on the left side of the screen, find a line called "Windows History";
- in the list that opens, select the section of interest;
In order to view the startup history of programs on Windows 10, you need to do the following:
- launch the "Windows Search" function;
- enter the phrase "Computer Management";
- in the left part of the window that opens, activate the line called "Event Viewer";
- then you can start working with the "Windows Logs" and "Application and Services Logs" features.
So, we figured out where to look at the history on the computer. Now it's worth checking the list of running programs.
Application startup test
This function makes it possible to check which applications were running on the computer, at what time it happened, and also what errors occurred during operation. To check this information, you must perform the following algorithm:
- in the already launched "Computer Management" window, select the line "Windows Logs";
- after clicking on it, a list will open, an item called "Application" is selected from it;
- after activating it, another list will appear on the right side of the window with various information (it tells you which applications were launched on this device, at what time it happened and what errors occurred at the same time).
Now we can talk about how to view the history of new applications on your computer.
Installation history
In order to check what and when of the programs appeared on your device, you must perform the following steps:
- launch the "Computer Management" window;
- activate the line "Windows Logs";
- Select "Install" from the list that appears. A list of data will appear showing applications installed in the last few months.
It should be noted that this system is not very accurate. The story is given as an example: "05/06/2018 the program was installed. However, latest date installations for 04/13/2018".
How to view the history of turning on and off on a computer
This opportunity allows you to check who used the device in the absence of the owner. If the computer is password protected, you can check how many times someone has tried to get into the system.
Verify this information using the same algorithm:
- by using " Windows Search" on the taskbar, go to the "Computer Management" program;
- in the window that opens, select "Windows Logs";
- in this case, you must refer to the line "System";
- after its activation, a list of events that occurred during the operation of the computer will open.
To check everything in direct order, you need to sort the information by date. Then you can simply check the information for the time that interests you.
How to check file modification date?
To find out if anything happened to the device while you were away, you can check the status of the files. More precisely - the date of their change. It is done like this:
- go to the directory of the desired file;
- right-click on the application shortcut, and select "Properties" in the list that appears;
- in the new window, scroll down to the lines "Created" and "Changed".
That's all the action.
Since ancient times, people have watched each other. Now, with the advent of computers, it has become much easier to monitor a person, and having access to a user's PC, you can even find out what he does on the Web, what programs he runs, what he opens, etc. How to view history on a computer?
If other people use your computer, then the easiest way to find out what was done with your PC is to install a keylogger. Keylogger is a special program that saves all passwords entered on the computer, remembers correspondence in Skype or ICQ. In addition, in the program settings, you can set the automatic creation of screenshots. Moreover, the other user will not even suspect that he is being followed. True, most of the keyloggers are paid programs.
But there is free replacement keylogger - program diary Punto Switcher. The utility, which automatically switches languages, has a special diary in which all text entered on the computer from the keyboard is saved. Thus, the program without the knowledge of the user saves all his passwords, logins and correspondence in a special file.
If you do not want other users to read your diary, you can set a password for it. Activating the diary is quite simple. It is enough to install Punto Switcher and right-click on the program icon in the tray. Then you need to select the "Settings" menu item.
In the new window, select the "Diary" tab, put a tick next to the "Keep a diary" item, click "Apply", and then the "OK" button.
Are you interested in correspondence in ICQ or any other program? It is enough to open the folder with the program, find the History folder and open the file with notepad.
In addition to passwords and correspondence, you can find out which programs were running on your computer in your absence. The first step is to open the "Prefetch" folder located at C:\Windows\Prefetch. Then sort the files in the folder by date.
Most of the files in this folder will be known to you. Each file is a program whose last run is marked in the Date Modified column.
By learning what programs were running on the PC, you can get information about the documents that were opened on the computer. To do this, activate the "Recent Documents" item in the "Start" menu. In Windows XP, it was installed by default, but in Windows 7/8, Microsoft hid it from prying eyes.
So, click the "Start" button, on the "All Programs" tab, right-click and select "Properties".
In the new window on the "Start Menu" tab, click on the "Customize" button.
In the "Start Menu Customization" tab, scroll to about the middle and put a checkmark next to the "Recent Documents" item. Confirm with the "OK" button and close the settings.
Windows has a special event log that displays information about turning on / off the computer and the programs used. To see this log, open the "Start" menu, right-click on the "Computer" tab and select "Manage".
Then, on the left, select the "Event Viewer" tab and study the information offered by the system.
But most users are interested in which sites they visited from a particular browser. For example, to learn the history of Google Chrome, you need to launch the browser and press two buttons on the keyboard at the same time: CTRL and H.
True, if a user has cleaned up the traces of his activities on your computer with special programs, for example, CCleaner, then it will be quite difficult, and sometimes impossible, to get information about the actions on the PC.
In this article, I continue the topic of optimizing your computer, today we will stop some programs running in the background to speed up and speed up your PC.
In the last lesson we disable programs from startup(if you have not read this lesson, then I advise you to start with it, the link is at the end of this article), thereby increasing performance, and now we will turn off Windows services running in the background.
Any of these services can be either system or third-party, but they all eat up their small part of the system resources, given that there are several dozen of them, the load increases noticeably.
Of course, in most cases system programs those working in the background are needed for the normal operation of the computer, but there are those that are not needed at all and are unlikely to be needed by anyone.
When shutting down on your own, you need to be extremely careful, disabling any process, you need to know for what it is responsible so as not to harm the OS. Below I will give a small list of what can be excluded and what to put in manual mode.
What programs can be disabled?
To do this, you need to log in Service Management by right-clicking on the shortcut of my computer, which is located on yours or in select computer. In the menu that appears, select Control
then click on Services and Applications and last point Services. Here you can see all the necessary unnecessary programs working in the background, in total, I have accumulated more than 150 of them!
First of all, I advise you to look through the entire list and find some of the familiar programs that you may have installed and simply disable them.
For example: torrent clients µTorrent or BitComet you can safely turn them off, unless of course you don’t distribute any files day and night. Program Skype(Skype) if you call once a month, then why would he absorb daily resources for nothing?
Also with other programs, if there is no need for its every minute work, feel free to stop it. In no case do not confuse, disabling the program does not imply that it will not work in the future! When you need it, just run it with , as you normally would.
The background mode is a standby mode, that is, the program is always running, although it is not used.
And finally, the list I promised Windows Services which can be turned off for sure or switched to manual mode.
parental control- turn off
KtmRm for Distributed Transaction Coordinator– manually
Adaptive adjustment- turn off the brightness is necessary only for PC owners. with built-in light sensor for automatic monitor brightness adjustment
WWAN auto setup- disable if you do not have CDMA or GSM modules
Windows Firewall- disable if your antivirus has this service
Computer browser– transfer manually when not in use local network
Support IP Service- turn off
Secondary login– disable or manually
Dispatcher automatic connections remote access
– disable or manually
Print Manager- turn off if you do not use the printer
Windows Defender- disable, completely unnecessary service
Distributed transaction coordinator- turn off
NetBIOS Support Module- disable, but provided that there is no local network (combining from 2 computers or more)
Configuring a Remote Desktop Server- turn off
Bluetooth support service– turn off, I don’t think it’s relevant now.
Windows Image Upload Service (WIA)- if you use a scanner, then do not touch anything
Remote Service Windows controls
- turn off
Remote Desktop Service- turn off
Smartcard- turn off
Tablet PC Input Service- turn off
Remote registry- everything here is generally bad there is an opinion that this is a kind of opened door for a virus that can change the system registry. Definitely disable
Fax- turn off, in general the last century.
To disable the service, double-click on it with the left mouse button, a window will open where we change the value Startup type from Automatic to Disabled then Stop//Apply//OK. This is how we deal with every service we don't like.
This is the list of services that I was able to find out about, I will be glad if someone can add it in the comments to this article.
This concludes this article, but the topic of optimization should be continued, subscribe to updates so as not to miss it and other subsequent articles.
There are situations when it is necessary find out what programs are running on the computer. For example, if you want a wife, a husband, a computer genius cat. Or you are a computer wizard and you need to find out what led to the breakdown or infection of your client's computer.
There are several ways to find out which programs were running in your absence. In this article I will consider all the methods known to me. If I miss something, I will be glad for your angry comments and rotten tomatoes (within the limits of what is permitted, of course).
So, you can find out which programs were launched with:
- Windows Explorer
- Windows Registry
- Keyloggers
- Special programs
The chapters of this article will be arranged in the same order, so you can always jump to the chapter you need without reading the entire article.
Find out what programs were launched using Windows Explorer
If you need to know when a certain program was launched, for example, you need to know when the browser was launched Mozilla Firefox. You can do this using Windows Explorer.
But first you need to decide what is the process of launching the program. In general, this is a search for an executable file in file system operating system, reading its contents from hard drive in RAM and providing control to the starting point. In simple terms, each application launch is accompanied by a file reading operation.
So, go to My Computer - C: / Program Files , we find there a folder with installed program. In the folder we find the executable file. In our case, this is the firefox.exe file. click right click on the file. Select File Properties from the drop down menu. And on the General tab we see the following picture:
How to see when the program was launched
As you can see in the screenshot above, the Properties tab allows us to view various information, including information about:
- File creation time (Created)
- File modification time (Modified)
- File Access Time (Accessed)
Of course, this information can be deliberately changed by copying, deleting or opening the file in notepad. Nevertheless, timestamps under normal conditions of using programs can be used in situations where you need to find out the time when programs were last launched.
Find out which programs were launched using the Windows registry
If you are an advanced user, you can not use third-party programs, but look for information about running programs in the Windows registry.
If you're going to be messing around with the registry, I highly recommend making a backup!
Data about running programs is located in these registry branches:
- Registry Key: HKEY_CURRENT_USER\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
- Registry Key: HKEY_CURRENT_USER\Microsoft\Windows\ShellNoRoam\MUICache
- Registry Key: HKEY_CURRENT_USER\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted
- Registry Key: HKEY_CURRENT_USER\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store
- Windows Prefetch folder (C:\Windows\Prefetch)
This method can be recommended to people who have a lot of extra time or computer geeks. To everyone else, I advise you to save your psyche and resort to help. special programs or keyloggers. Especially if they weigh little, do not require installation, are free and do not ask to eat.
Finding out the launch time of programs using Keyloggers
Another way to find out the startup time of programs is to use keyloggers(keyloggers). In addition to the main function, with the help of these programs you can find out logins and passwords and other text typed on the keyboard.
By the way, if you still do not know what a keylogger is and how it works, I advise you to read the article. We talked about all types of these keyloggers there, or as they are also called keyloggers.
Find out the launch time of programs using special utilities
Now let's move on to special utilities, which were created specifically to find out when, how and by whom this or that program was launched. In this article, I will talk about two such programs - this is ExecutedProgramsList and LastActivityView.
ExecutedProgramsList
ExecutedProgramsList is a small utility that can display a list of programs and batch files that were previously running on your system. The author of the program is the famous Israeli programmer Nir Sofer, who has written a huge number of free programs.
So, we launch the application and scan the computer.
After the scan is completed, you will see a list of programs. For each running program, the utility will show:
- File name
- Change time
- Time of creation
- Start time
- file size
- File attribute
- Extension
- Program version
- Company name
The utility works for everyone Windows versions, starting with Windows XP and ending with Windows 8 (maybe Windows 10). On 32 and 64 bit systems.
Download the ExecutedProgramsList program for free, from the developer's website, you can use this. And by downloading the crack, which must be unzipped and thrown into the folder with the program.
LastActivityView
LastActivityView is another small, free utility by Nir Sofer, which is used to collect data regarding the activity of the PC user. The program collects information and displays it in a special event log.
Using the LastActivityView application, you can quickly and easily find out the time of an event, information about when the computer was turned on or off, which specific .exe files were launched and when.
That seems to be all. Hope this review has helped you. If you have something to say, I will be glad to your comments. Good luck to all! And don't forget to follow us on in social networks or share the link with your friends!