Anymore, computer security is just as important as Home security. You wouldn't leave your front door open when you go out for a night on the town. So why would you leave your computer open for anyone to see? Well for most people, the signs of PC entry aren't as obvious. In the following tutorial I show you some tools to use to tell if your Windows NT, XP, or 2000 PC has been hacked. Using these tools, you should be able to detect the most common hacks and tell if your system has become compromised. However, some hacks may be very hard to detect and could take some work.
Checking to see if you've been Hacked:
- First, download the following tools:
How to Tell if you've been hacked:
- Extract the TCPView.zip and click tcpview.exe to run the program
- Look for any suspicious running processes, if there are suspicious processes, you can right click on them and click Process Properties, if you find a suspicious process, you can also click End Process to attempt to close the program
How the other tools can assist you in diagnostics:
Process Explorer: This program will list all running processes and can help determine which process is the parent processes and which processes are spawned by the parent.
PSTools: This program contains console command line tools that can list running processes and alternately be used to kill those processes.
Filealyzer: This program can be used to view advanced information about a file (explains what a program does or is). Filealyzer adds a windows explorer shell extension that allows you to analyze a file by right clicking on the file and selecting Analyze File With Filealyzer.
DameWare NT: This program is typically used to remotely administer another computers system registry. Effective for removing Root Kits.