What software runs secretly behind the scenes in Windows?

Software runs secretly, Have you ever noticed that your internet speed is slowing down? Or the volume of your internet while you are sure that someone is not connected to your internet is decreasing day by day and strangely? 

Software, In such cases, malware such as Malware, Spyware, and may have been installed on your computer, consuming your Internet without your knowledge.

In many cases, software such as firewall or as a firewall connections Unknown and mysterious discovery and action to close them, but in some cases, malware is designed firewall can identify them and they stop off
Well Continue to be with us to tell you solutions that you can get better acquainted with anonymous connections on your computer.

How to know the internet connection of your computer?

The first thing we need to make sure is to identify the items that are connected and find out where they are connected. What software is the basis and connector of these connections? And are all these softwares licensed to communicate or not? There is a simple solution to this, and that is to use the netstat command in the Windows command line tool.

This command works on all three Windows 7, 8 and XP operating systems, but if you are still using Windows XP, Windows XP installed on your computer must have at least a Service Pack 2 add-on.

Using the net stat command, we can get a list of all the items that are connected to the Internet through our computer, and to use this command, we first need to run the Windows command line tool, or Command Prompt, with the administrative or admin access level. .

If you are using one of the versions of Windows 8, you can right-click on the Start button in the lower left corner of the screen and then select Command Prompt (admin) from the menu that appears.

If you are using Windows 7 or Vista, you can open the Start menu and enter cmd.exe in the search bar, then you will see the option cmd.exe in the results that appear in the search results that appear in this menu. Right-click and select Run as administrator.

Now, if the User Account Control feature is enabled on your Windows, a box similar to the one you see in the image may appear. You need to click yes on this card. If this feature is not enabled on you, the command line tool will run immediately. .


In the Windows Command Prompt tool window, type the following command and press Enter:

netstat -abf 5> activity.txt

In this command, option a- shows all the communications and listening ports, option -b also shows you what software has tried to connect to the Internet, and at the end of option -f the full name of each dns shows you that we can use it to know exactly where each connection is connected and from what direction. Option 5 in the command also checks the connections every 5 seconds and finally saves the final result in a file called activity.txt.
Wait for about 2 minutes after executing the command and then press and hold ctrl + c to stop checking and storing information about Internet connections.

By stopping the command you can go to the path where the activity.txt file is stored (this path is displayed in the command line window and in our example is the root of drive C) this file in the text editor Open it as a document and see the connections that were connected and disconnected by your command.

If you also enter the phrase activity.txt in the command line window and press the enter button, the file in question will open in the Windows Notepad software window.

What you see in these texts is a list of processes that have been connected to the Internet on your computer in the last two minutes (usually this list contains the names of messaging software, email, and…).

It can also show you the name of the website it links to
Well, after reading the list and seeing that the connection was unfamiliar, you can find out more about it by searching for “what is unknown process name” in Google  and replacing the unknown process name with “unknown process name”.

Use the TCPView tool to check Internet communications

But in this area there is a useful tool called TCPView that allows you to quickly get a list of all the connections that are connected to the Internet through your system, as well as the resources that have access to them. To understand.

And you will be able to right-click on any process and select End Process‌ or Close Connection to stop that process to disconnect from the Internet. You can also use the Whois‌ option to find out more about how each process is connected to the Internet.

Use CurrPorts to check what your system is up to

You can use another tool to identify connected connections, the name of this tool is CurrPorts, which can be used to check all the connections that are established through your computer and on TCP / IP and UDP ports. You can use this software without Need to install because the version of this software is portable and does not need to be installed and to use it is enough to decompress the file.

Then You can disconnect any connection by right-clicking and selecting the close option. You can also save more information in an HTML or XML file. Other features of this software include moving columns of information in CurrPorts, sorting information by one of the columns.

CurrPorts runs on Windows 2000, NT, XP, Windows Server 2003, and Windows 7 and 8, as well as a separate 64-bit version.

Leave a Reply

Your email address will not be published. Required fields are marked *